The international cybersecurity regime typifies the rise of informality in modern global governance. Despite the increase in sophisticated cyber operations globally, states do not embrace formal multilateral cooperation to prevent and mitigate them. The article addresses how informality has shaped engagement between states and non-state actors on cybersecurity, and why it has persisted for a long period of time. 

By introducing a special issue that highlights various dimensions of informal international cybersecurity governance, this article analyses two major factors that deepen informality: multipolar geopolitics, which has made formal cooperation difficult, and the rise of non-state actors, whose technical standards not only emerge as de facto governance standards, but who have also engaged in cyber diplomacy through informal channels. As much as one tries to make sense of informality in cybersecurity governance, some developments are simply too complex or multifaceted to offer parsimonious explanations. The article calls for greater attention to be paid to the substantive outcomes of informal institutions to understand their stickiness in regimes.   

• cybersecurity
• diplomacy
• geopolitics
• non-state actors