ICC Calls for Government Action and Business Expertise to Strengthen Global Cyber Resilience

On 21 October 2025, the International Chamber of Commerce (ICC) released a statement urging urgent government action and stronger cooperation with business to build cyber resilience.

The call comes as the United Nations establishes a new Global Mechanism to continue discussions on responsible state behaviour in cyberspace. Expected to hold its first meeting in March 2026, the mechanism will determine how governments collaborate to prevent and respond to cyber threats; and how meaningfully non-governmental stakeholders, including business, will be able to participate.

Why it matters

The stakes could not be higher. Cyber incidents increasingly disrupt economies, critical infrastructure, and essential services worldwide. Yet uncertainty remains around how the private sector, which designs, operates, and defends the digital infrastructure underpinning the global economy, will be included in the new UN process.

ICC’s position is clear: achieving cyber resilience requires both government leadership and business expertise. The private sector’s evidence-based input is essential to ensure that international policies reflect operational realities and deliver practical, implementable outcomes.

The ICC statement: “Cyber resilience needs government action and business expertise”

“Ransomware shutting down hospitals. Attacks on energy grids disrupting entire regions. Cyber operations spilling across borders in times of geopolitical tension. These are no longer distant hypotheticals – they are today’s headlines.

The accelerating pace and scale of cyber threats is a stark reminder that the resilience of our economies and societies depends on decisions we make now. Without stronger global cooperation and practical, inclusive approaches to cybersecurity, the digital foundations of growth and trust will remain at risk.

Over the past five years, the United Nations Open-Ended Working Group (OEWG) has provided a valuable forum for dialogue among states on responsible behaviour in cyberspace. Its work has underscored the importance of consensus in such a sensitive area of international security, while also highlighting the complexity of building common ground in a rapidly evolving threat landscape.

Crucially, the OEWG experience has shown that dialogue alone is insufficient. Operational resilience requires deeper engagement with those who build, defend, and innovate within the digital ecosystem every day. The establishment of a new ‘Global Mechanism’ to carry forward these discussions is a welcome step – but its success will depend on embedding inclusivity at its core. That means not only governments, but also meaningful participation from the private sector, civil society and academia.

Global business has unique expertise and operational responsibility in this domain. Companies design, develop, build and operate the networks, defend against attacks, and innovate the technologies that power the digital economy. That is why the private sector’s voice is indispensable in shaping solutions that are practical, effective and future-proof.

Governments can strengthen global cyber resilience by:

• Building strong national institutions to reinforce security in the use of ICTs;

• Developing legislation that supports international commitments while enabling digital trade and innovation;

• Enhancing resilience to mitigate cyber threats;

• Strengthening international cooperation and capacity-building, especially for developing economies;

• Protecting critical infrastructure and improving incident response;

• Improving supply-chain and product security; and

• Increasing transparency in the attribution of malicious activities.

To realise this vision, we urge UN Member States to:

• Institutionalise meaningful stakeholder engagement in the design of the Global Mechanism;

• Leverage industry expertise in developing norms, confidence-building measures, and threat assessments;

• Prioritise transparency and accountability in negotiations and implementation; and

• Recognise the vital role of private actors in defending against cyber threats.

The cyber domain cannot be secured by governments alone. The new Global Mechanism offers an opportunity to embed multistakeholder participation as a foundation for progress. Only through processes that fully integrate private-sector expertise can international frameworks achieve both legitimacy and operational impact.

As global business, we stand ready to contribute constructively to the next chapter of cyber diplomacy. The threats are real, but so is our collective capacity to meet them – if we work together.”

A call for Dutch engagement

For the Netherlands the UN’s new Global Mechanism offers a critical opportunity to shape the international governance of cyberspace.

ICC Netherlands invites its members and partners to help amplify this message by:

• Sharing ICC’s statement with relevant contacts in government

• Highlighting the importance of business expertise in cybersecurity and digital infrastructure resilience;

• Engaging with ICC Netherlands’ Digitalisation working group to explore how Dutch industry can contribute practical insights to global discussions.