*Below are the full scripts of the keynote and opening remarks at the Singapore International Cyber Week (SICW), provided to The Readable by the Cyber Security Agency of Singapore. The event, as Asia-Pacific’s most established cybersecurity conference, gathered in one place 12,000 security professionals from 80 nations with the aim of making the world a safer place by accelerating discussions and facilitating collaborations.
Gala Dinner Keynote: UN priorities for digital issues on the international stage. Remarks by Izumi Nakamitsu, High Representative for the United Nations Office of Disarmament Affairs
Your Excellency, Senior Minister Teo Chee Hean, Excellencies,
It is a real pleasure to greet you all at the eighth edition of the Singapore International Cyber Week.
I express my deep appreciation to the Government of Singapore for the kind invitation and warm hospitality.
It is unsurprising that this week has quickly evolved into a flagship event in the annual calendar of cybersecurity events.
Singapore is a global leader in international cybersecurity discussions both at the United Nations and through its other regional and subregional efforts.
Singapore’s very able stewardship of the Open-ended Working Group on security of and in the use of information and communications technologies, through the skilled chairing of Ambassador Burhan Gafoor, is but one example.
I would like to particularly acknowledge the important role of the Cyber Security Agency of Singapore.
The Office for Disarmament Affairs is honoured to continue its deep cooperation with CSA, particularly in the area of cyber capacity-building.
Our joint activities under the banner of the UN-Singapore Cyber Programme continue with great success, producing concrete results.
In particular, I am pleased to note that there have been three very successful iterations of the UN-Singapore Cyber Fellowship.
Nearly 75 fellows from over 50 countries have participated in this now highly sought-after and popular programme.
The inter-disciplinary curriculum is meant to equip participants with new knowledge and skills that could be applied directly to national cyber policy, technology and operations, while also facilitating important relationship- building.
All of this is done with the overarching goal of a safer and more peaceful cyberspace.
Together with CSA, we have worked hard to ensure gender parity and I wholeheartedly welcome the increasing number of women fellows.
My Office looks forward to planning the 2024 iterations. Common Agenda- NAFP/Global Digital Compact
Allow me to now turn to some reflections on United Nations priorities in cybersecurity and the digital domain more broadly.
I would like to start by thanking Senior Minister Teo Chee Hean for his remarks on trust in the digital domain.
This is an important place to start.
Trust is the cornerstone of the collective security system and a defining challenge of our times.
Just a few weeks ago, the United Nations General Assembly agreed to work towards adopting a concise, action-oriented document entitled “Pact for the Future” at a high-level Summit in 2024—the so-called “Summit of the Future.”
International peace and security will be one of the elements of this “Pact for the Future”.
This is an important sign of hope for multilateral cooperation against the backdrop of a very difficult international security landscape.
In the context of preparations for the Summit of the Future, the Secretary- General has issued a number of policy briefs, including one on his vision for “A New Agenda for Peace”.
The policy brief on a “New Agenda for Peace” offers, at a strategic level, the Secretary-General’s vision for a more effective multilateral system.
This vision, in its essence, reiterates some basic principles for international cooperation—the centrality of the UN Charter, the need to rebuild mechanisms to manage disputes and improve trust, and the centrality of national action, for example.
Disarmament, non-proliferation and arms control issues feature prominently across the “New Agenda for Peace” and are well integrated with the broader peace and security and development objectives.
Addressing potential risks emanating from emerging domains, including cyberspace, and promoting responsible innovation is a priority for the Secretary-General and for the “New Agenda for Peace”.
The Secretary-General calls for finding consensus around guardrails to manage the potentially negative impacts of technology.
The policy brief focuses particularly on the need to tackle the extension of conflict and hostilities to cyberspace, building on concrete progress achieved through the General Assembly.
The Secretary-General offers two specific recommendations to that end—one related to the protection of infrastructure providing services to the public and another on enhancing accountability for responsible State behaviour in cyberspace.
I would like to come back to the concept of trust.
The Secretary-General’s “New Agenda for Peace” proposes three principles that must underpin the search for common solutions: solidarity, universality and, yes, trust.
Undermining trust can threaten international peace and security, while building trust supports it.
This is especially true in the digital space.
It is widely acknowledged, for instance, that malicious uses of information and communication technologies by States can undermine trust, are potentially escalatory, and can threaten international peace and security.
They may also pose direct and indirect harm to individuals.
At the same time, increasing trust between States is an essential ingredient in our efforts to ensure an open, secure, stable, accessible and peaceful cyberspace.
As called for by the Secretary-General, to address such concerns of trust and mistrust linked to the digital space, the international community must better regulate and manage our digital commons as a global public good.
To achieve this, the Secretary-General has called for a ‘Global Digital Compact’ to be agreed at the Summit of the Future in 2024, which would outline shared principles for an open, free and secure digital future for all.
The Compact, which will be developed through an intergovernmental process over the next year with multi-stakeholder engagement, is expected to cover issues such as digital connectivity, avoiding Internet fragmentation, data protection, digital trust and security, and the application of human rights online.
The Secretary-General has also focused on the “governance of artificial intelligence for humanity,” calling for a global, multidisciplinary conversation in order to examine, assess and align application of artificial intelligence and other emerging technologies.
It is critical that we use the opportunity of the Global Digital Compact to close the “digital divide”, advance the Sustainable Development Goals, and make the online space open and safe for everyone.
OEWG and intergovernmental discussions
This year, we celebrate 25 years of discussions on the peace and security challenges emanating from State use of information and communications technologies, or ICTs for short, under the auspices of the United Nations.
Since the introduction of the first General Assembly resolution on this topic in 1998, both the international security landscape and ICTs have evolved significantly.
Developments in ICTs have continued at a rapid pace—from pioneering cloud computing capabilities to the growing Internet of Things technologies.
At the same time, threats grow.
Over the past decade, incidents involving the malicious use of ICTs by States and non-State actors have increased in scope, scale, severity and sophistication.
Thankfully, while the risks increase, so has the attention of the international community in addressing them.
Addressing peace and security challenges arising from State use of these technologies is now a top-line priority at the United Nations.
Since 2004, intergovernmental discussions, first in the form of expert groups and subsequently in fully inclusive working groups, have explored threats posed by the use of ICTs in the context of international security and how these threats should be addressed.
The work of these groups has been largely cumulative, with each building on the work of the previous one to further explore means of reducing risks and tensions.
Many highlights of these intergovernmental processes could be listed.
Most critically, these discussions have resulted in endorsement by the General Assembly of concrete norms of responsible State behaviour in the use of ICTs.
States have also affirmed the applicability of international law, especially the UN Charter, to States’ use of ICTs.
This normative framework, complemented by existing international law and underpinned by a commitment to confidence-building and capacity-building, represents a significant milestone in international cooperation towards an open, secure, stable, accessible and peaceful ICT environment.
This progress continues to serve as a baseline for further work, including in the framework of the ongoing Open-ended Working Group on security of and in the use of ICTs mandated through 2025.
In the current Working Group, progress has been evident from the very first session in December 2021.
Exchanges have been rich. Proposals have been action oriented.
Last year’s first annual progress report represented a significant intermediate step.
The report crystallized several interim achievements of the Group, including the agreement to establish an intergovernmental points of contact directory.
States decided to hold a focused, intersessional meeting on the issue of confidence-building.
The Working Group also identified specific discussion topics like funding for capacity-building efforts, best practices in public-private partnerships and the gender dimensions of ICT security.
A year later, in July 2023, the Working Group maintained its momentum with consensus adoption of a second progress report.
The second progress report includes a roadmap for discussions over the next year and modalities for the operation of a global points of contact directory that will facilitate communication between diplomatic and technical authorities, including in relation to ICT incidents.
The report requests the Secretariat to undertake a mapping exercise to survey the landscape of global and regional capacity-building initiatives with a view to encouraging synergies and coordination.
My Office will also pursue an update of the Cyber E-Diplomacy Course for diplomats currently available on our Disarmament Education Dashboard.
All this is to say that much has been accomplished despite challenging international security circumstances.
But we cannot become complacent. Much more must be done.
There are a number of outstanding issues that require further discussions to bridge differences—such as how to capture the divergence of views on the format and structure of a future regular institutional dialogue on these matters at the United Nations.
These multilateral processes are anything but easy, but they remain absolutely vital.
I continue to believe there is scope for progress and I remain committed to supporting States to this end.
I also commit to continue to facilitate the meaningful contribution of non- governmental entities, including civil society, academia and the private sector, given their indispensable role in supporting a safe and secure cyberspace.
Conclusion- Synergies with other technologies
Excellencies, Distinguished attendees,
Before concluding, I would like to briefly address synergies between the cyber domain and other emerging technologies.
The walls between technologies are not immovable, but in fact highly fluid.
The nexus between different technologies and domains, including cyberspace, continues to evolve rapidly.
While technological innovation can be a force for good, there are also, rightly, concerns.
For example, a burgeoning nexus between nuclear weapons and emerging technologies, including in cyber and outer space domains, is magnifying prospects for miscommunication, miscalculation and escalation.
The incorporation of digital technologies in command, control and communications systems, as well as the entanglement of conventional and strategic assets in outer space, have exposed vulnerabilities and possibilities for error and miscalculations.
As for the potential interplay between nuclear weapons and artificial intelligence, I echo the Secretary-General’s call that humans must always be in control of, and responsible for, any decision-making related to nuclear weapons.
The synergies between digital tools and AI are also becoming increasingly salient.
Emerging technology applications like generative AI models can be used for malicious purposes in the digital space – for example, to generate “deep fakes” and spread disinformation, including in armed conflict.
The speed and volume of AI-enabled cyber-attacks, from phishing attacks to developing malware codes to exploiting vulnerabilities, are on the rise.
I would like to bring your attention to the Secretary-General’s call for developing necessary principles around responsible use of artificial intelligence in the context of international peace and security.
It is paramount to employ this technology for good.
Excellencies, Distinguished attendees,
The Secretary-General continues to call for a stronger, more networked and inclusive multilateral system, anchored within the United Nations.
Effective multilateralism and, by extension, an effective United Nations, is one that can adapt to global challenges, including those linked to rapid digitization and transformative technologies.
Now is the time to redouble our efforts in support of such a robust multilateralism.
We are in this together.
Thank you very much for your attention.
Opening Address: Strengthening Trust in the Digital Domain. By Teo Chee Hean, Senior Minister and Coordinating Minister for National Security
United Nations Under-Secretary-General and High Representative for Disarmament Affairs Madam Izumi Nakamitsu, welcome back to Singapore, pleasure to see you again!
My colleague Minister Josephine Teo, Distinguished Guests,
Ladies and Gentlemen Introduction
Welcome to the Singapore International Cyber Week (SICW) 2023. Thank you for taking the time to come to Singapore and to be here with us.
This is the eighth edition of the SICW. We continue to hold this each year because of how important it is for you - political leaders, policy makers, cyber experts, academics, and industry leaders - from around the world to have a platform to exchange perspectives and to grow our relationships.
The digital domain is constantly evolving. In the meantime, we are still playing catch- up, trying to figure out what the rules and norms should be, who should be responsible for taking action, and how we can work together to solve common issues. And this is even before the use of AI, the new frontier, becomes pervasive. But for us to answer any of these questions, trust is fundamental.
That is why tonight, I want to draw your attention to three areas where trust building in the digital domain is under considerable pressure:
a. First, between states;
b. Second, between governments and the tech industry; and
c. Third, in the public’s perception of the digital world.
Trust between states
Trust between states is strained, particularly in the digital domain.
We are now in a period of intense contestation. Strategic trust between the US and China is at an all-time low. The recent escalation of conflict between Israel and Hamas is tragic and undermines the stability of that region, and around the world. The war
between Russia and Ukraine has also not abated. There is a proliferation of exclusionary groupings, with countries blocking each other’s services, software, and hardware, citing national security. Trade, investment and supply chains are increasingly driven by geopolitics. There is a risk that competition will crowd out cooperation.
We see this dynamic playing out in cyberspace. It is not surprising that in wartime, countries engage in cyber operations to disrupt services, and cyber espionage to obtain information that can give them an advantage. But this is also happening in peacetime, for example, pre-positioning in Critical Information Infrastructure, ostensibly to collect information and lay the groundwork for disruptive cyberattacks which can interrupt essential civilian services. Such activities undermine trust.
A deficit of trust makes it harder for states to work together on common issues. This is especially worrying in the digital domain, as many issues require collective action. Take cybercrime for example: perpetrators and their victims do not need to be in the same jurisdiction. In fact, very often, they are deliberately in different jurisdiction. This is the case for most of the online scams with victims in Singapore. States are limited in what they can do on their own to tackle cross-border cybercrime. Cooperation is essential but difficult to achieve without a foundation of trust.
Will we see a world united by the promise of the internet and digital technology, or will we have a divided world, including in the digital domain?
The establishment of a rules-based multilateral order in cyberspace will go a long way towards buttressing trust between states. There is a general consensus on what constitutes responsible state behaviour in cyberspace, but the crucial task of codifying this into rules and norms remains. The work of the UN Open-Ended Working Group (OEWG) on the security of information and communications technologies, which Singapore supports, is an important part of this effort. We look forward to hearing the Under-Secretary's comments on this later.
Trust between governments and the tech industry
The second concern is the relationship between governments and the tech industry.
Large tech companies wield an unprecedented level of influence over economies and societies. At the same time, they enjoy a remarkable degree of freedom from regulation and accountability for their activities and the content they carry. Each company understandably competes for market dominance and the network multiplier advantage it confers. They own and control significant parts of the technology stack that the majority of the world depends on, and hold vast amounts of data. Their revenues exceed the GDPs of many countries.
This has made Big Tech pivotal stakeholders in the digital domain. Many of the challenges we face in the digital domain, such as cybersecurity and online safety, can only be solved with the participation and cooperation of Big Tech. But building trust between Big Tech and governments is challenging.
In some cases, for clearcut reasons, they boycott specific countries, for example Russia for invading Ukraine. But even in routine ways, Big Tech make their own decisions regarding whether and what services to provide or withhold, the content they carry, and the ranking algorithms to present content to users. Their interests may not always align with public or national interests. When implementing their policies and “community standards”, Big Tech also have to navigate boundaries of what countries consider important or appropriate in their own context. Big Tech understandably are driven by commercial considerations. They possess enormous market power. So it is important for Big Tech and countries to find respectful and constructive ways to manage policies and regulations that countries may find necessary, but which Big Tech consider unfavourable to their operating and commercial interests.
Even where governments recognise the need to work with Big Tech, they may not necessarily know how best to do so because issues of national security, defence, and social governance have long been the exclusive domain of governments. This is further complicated by the fact that for the vast majority of countries, Big Tech are foreign entities.
Some jostling is inevitable, and responsibilities will have to be revisited, but a healthy accommodation between governments and industry is essential for us to tackle the issues we face in the digital domain.
Public trust in the digital domain
The third area of concern is public trust in the digital domain. If we do not resolve the first two issues, very often it has an impact on this third domain, which is public trust in the digital domain. Most, if not all, of us recognise the benefits of digitalisation and the digital economy. The digital economy, for example in Southeast Asia, is projected to grow up to five-fold, to $1 trillion by 2030. To realise this potential, the public must be confident about engaging in the digital domain. The digital highways and streets must be safe for us to venture out on, including for children and digital novices.
However, there is growing concern that online harms such as scams, ransomware, misinformation, and other malicious cyber activities are becoming rampant, rendering the digital world unsafe. Cybersecurity vendors reported a 13% increase in ransomware incidents worldwide in 2022. In Singapore, phishing cases reported to
Singapore’s Cyber Security Agency (CSA) more than doubled from 2021 to 2022 to around 8,500, mirroring global trends.
Emerging technologies like generative AI have brought excitement and also concern in equal measure. They can be misused by malicious actors to supercharge their activities. Unethical use of these technologies can also cast doubt generally on the veracity of information in the digital domain, which is already plagued by fake news and disinformation campaigns. The seeds of such distrust are already present: A 2023 report by Salesforce found that 43% of the consumers it surveyed across 25 countries did not trust companies to use AI ethically.
If public trust in the digital domain is lost, users may be reluctant to carry out digital transactions. Citizens will not be able to reap the benefits of convenience and time- saving from the use of digital services. And the economy will have to forgo the productivity gains, and the growth that comes from new digital services.
The repercussions will not be limited to economic activity. I give you an example. Just a few years ago, countries were scrambling to contain COVID-19, a novel virus which was spreading rapidly. The widespread use of smart mobile devices became a major boon because we carry them around with us all the time. This enabled the rollout of online services or mobile apps for passing information quickly and also for contact tracing. This would enable close contacts of infected persons to be alerted and isolated, helping to slow the spread of the virus. In some societies, like in Singapore, we were able to effectively carry out contract tracing using these modern digital technologies because there was strong public trust in public institutions, and the digital services provided by these institutions. People knew that this was for the common good and trusted that their digital information would be protected and treated responsibly by their governments. Lives were saved as a result. In societies where public trust was lower, contact tracing efforts were not as successful; infections spiked dangerously, overwhelming healthcare facilities; and citizens paid the ultimate price.
There is no “one-size-fits-all” solution. Every society has its own context, culture, history, and challenges. But the goal of maintaining public trust in the digital domain is one we all share in common.
We have enjoyed great dividends from digitalisation – it has freed us from many of the limitations of geography, brought great economic benefits, brought people and societies together and changed the way we live and work. It behoves us to preserve and strengthen trust in the digital domain. Otherwise, we may see many of these
benefits reversed. The challenge of building and maintaining trust in the digital domain is complex, but it is imperative that we work on it together.
Through tonight’s summit and the rest of this week, I hope that we will collectively achieve a better understanding of each other’s’ perspectives, recognise our shared interests in cyberspace, and work towards building the trust we need for a digital world and a better future. We need safe streets and highways in cyberspace.
I wish all of you fruitful conversations in the coming week. Thank you very much.