‘Delhi Declaration’ for responsible state behaviour in cyberspace for G20 countries

Lt. Gen. Dr. Rajesh Pant, the National Cybersecurity Coordinator, on June 5, outlined a draft of what he called the “Delhi Declaration,” a series of commitments to “responsible state behaviour in cyberspace” for G20 member countries, drawn from existing non-binding norms that they have already signed onto under United Nations auspices. If adopted, G20 countries would commit to “not damage critical infrastructure or other essential … systems; commit to cooperate, mitigate and investigate cyber incidents, and other malicious activities in cyberspace, in particular when it comes to ransomware; commit to protect and not disrupt software supply chains; commit to respect international law and rule of law in cyberspace; and finally commit to protecting the humanitarian sector,” Dr. Pant said, reading out the draft. “Vulnerabilities will continue to exist as long as we depend on systems that are based on hardware and software, and increasing software-isation,” Dr. Pant said. “If vulnerabilities continue, then cyber attacks will continue to take place at a pace faster than what they’re doing now, because of various reasons, including the latest generative Artificial Intelligence.” Industries will have to “build resilience,” Dr. Pant said, by building a competent “cyber workforce,” establishing standard operating procedures for firms, and with international cooperation.