Most of the measures aimed at guaranteeing more transparency, knowledge and mutual confidence in developed and promoted by OSCE are targeted towards cybersecurity. Cybersecurity is understood as the set of activities deemed necessary to protect networks, information systems, information services and electronic communication from cyber threats, in order to ensure their availability, confidentiality, integrity and resilience, with the objective of safeguarding national security and interests in the cyber space (art. 1 of the law decree n.82 of 2021). Through these measures, we want to ensure an open, secure, stable, accessible and peaceful cyber space, simultaneously increasing transparency and confidence between States in order to avoid conflicts or the possibility of their degeneration. The objective is, on the one hand to promote the dialogue between States on the subject of cybersecurity, on the other hand the sharing of information, lessons learned and common practices.
The big challenges regard:
- The knowledge of different practices and architecture of cybersecurity among various States their possible convergence;
- The management of threats, also keeping in mind the possibility of acting in an autonomous manner within the cyber space;
- The limitation of important shortcomings in terms knowledge and IT facilities, also in terms of technological capacity, Human Resources training and financial availability;
- The analysis of activities to contrast malicious activity;
- The overcoming of that vision according to which CBMs would be only political engagement initiatives and instead to interpret them as legal and technical engagements tied to the governance of the cyber space.
After establishing an appropriate Informal Working Group OSCE (Decision 1039/2012) – to which participate the Permanent Representation of Italy to the OSCE in Vienna, the Ministry of Foreign Affairs of Italy and experts of the competent national branches – 11 specific measures have been identified for the enforcement of confidence in the field of cybersecurity (Decision 1106/2013), integrated in a second phase with other 5 measures (Decision 1202/2016).
Considering the informality of assembly, such measures present themselves as the foundation for the divulgence of a model of governance of the cyber space even for other international arenas, such as the UN, as well as for outreach and capacity building activities through the promotion of national specialized expertise in Mediterranean and Asian Partner Countries of the OSCE, for instance the “OSCE –wide Conference on Cyber/ICT Security”, organized by the OSCE Italian Presidency of 2018.
Italy actively participates in the CBM8 (network of convergence points) and in the CBM14 (together with Austria, Belgium, Estonia, Finland and Sweden). According to the latest measures, the participating States, on a voluntary basis, promote public-private partnerships and develop mechanisms for the exchange of better practices for what concerns the answers to the common challenges to security derived from the exercise of information technologies.