United Nations
A/RES/58/199
General Assembly
Distr.: General
30 January 2004
Fifty-eighth session
Agenda item 91 (b)
Resolution adopted by the General Assembly on 23 December 2003
[on the report of the Second Committee (A/58/481/Add.2)]
58/199. Creation of a global culture of cybersecurity and the
protection of critical information infrastructures
The General Assembly,
Recalling its resolutions 57/239 of 20 December 2002 on the creation of a
global culture of cybersecurity, 55/63 of 4 December 2000 and 56/121 of
19 December 2001 on establishing the legal basis for combating the criminal misuse
of information technologies, and 53/70 of 4 December 1998, 54/49 of 1 December
1999, 55/28 of 20 November 2000, 56/19 of 29 November 2001 and 57/53 of
22 November 2002 on developments in the field of information and
telecommunications in the context of international security,
Recognizing the growing importance of information technologies for the
promotion of socio-economic development and the provision of essential goods and
services, the conduct of business and the exchange of information for Governments,
businesses, other organizations and individual users,
Noting
the
increasing
links
among
most
countries’
critical
infrastructures — such as those used for, inter alia, the generation, transmission and
distribution of energy, air and maritime transport, banking and financial services,
e-commerce, water supply, food distribution and public health — and the critical
information infrastructures that increasingly interconnect and affect their operations,
Recognizing that each country will determine its own critical information
infrastructures,
Recognizing also that this growing technological interdependence relies on a
complex network of critical information infrastructure components,
Noting that, as a result of increasing interconnectivity, critical information
infrastructures are now exposed to a growing number and a wider variety of threats
and vulnerabilities that raise new security concerns,
Noting also that effective critical infrastructure protection includes, inter alia,
identifying threats to and reducing the vulnerability of critical information
infrastructures, minimizing damage and recovery time in the event of damage or
attack, and identifying the cause of damage or the source of attack,
03 50652