Developing cybersecurity norms and global normative cybersecurity behaviors play an increasingly critical role in global cybersecurity governance. This paper takes a longitudinal approach to analyze cybersecurity norms development activities during the period 1997–2020. A total of 206 individual cases were collected, and 233 individual cybersecurity norms were identified and compiled into 25 subject categories. Categorizing the norm subjects alongside the frequency of cases and norms identified each year allowed for a longitudinal view of cyber norm activities and the evolution in developments over these years. This examination enables us to categorize cybersecurity norms, including their dynamic focus and evolution patterns. By studying those viewed as “successful,” we gain guidance regarding the construction of global cybersecurity governance in the digital age.

Developing cybersecurity norms and global normative cybersecurity behaviors play an increasingly critical role in global cybersecurity governance. This paper takes a longitudinal approach to analyze cybersecurity norms development activities during the period 1997–2020. A total of 206 individual cases were collected, and 233 individual cybersecurity norms were identified and compiled into 25 subject categories. Categorizing the norm subjects alongside the frequency of cases and norms identified each year allowed for a longitudinal view of cyber norm activities and the evolution in developments over these years. This examination enables us to categorize cybersecurity norms, including their dynamic focus and evolution patterns. By studying those viewed as “successful,” we gain guidance regarding the construction of global cybersecurity governance in the digital age.