Public and private sector entities face a growing challenge in protecting the internet against malicious actors. Cybersecurity requires both governmental and non-governmental solutions, as well public education and strong security through technical standards. Policy processes must be based on the principles of openness, collaboration, and a respect for human rights. Generally, cybersecurity vulnerabilities discovered by the government should be promptly disclosed to the entities that can fix them. Any sharing of internet users’ communications information for cybersecurity purposes should be carefully prescribed, and such information should be used only to enhance the security of data and information systems.