Cyber policy capacity building agenda
Discussions at the United Nations have largely acknowledged the pressing need for building expertise across a range of cyber diplomatic, policy, legislative and regulatory areas. National government entities and agencies do not always have the adequate capacities – in terms of skills, human resource, and institutional endowment – needed to participate substantially in the ongoing debates or observe emerging norms, rules, and principles on responsible state behaviour, or to achieve gender balance in these processes.
While international partnerships and cooperation are often recognised as a key element in the national or regional cybersecurity strategies or policy frameworks, this aspect has been so far neglected in the international approaches to cyber capacity building. Therefore, the key objective of this session is to identify how can the international community contribute to strengthening national and regional capacities to participate in the international processes on cyber issues? How to implement cyber capacity building efforts that embrace the whole-of-government approach while remaining human-centric? And finally, considering that donor and recipient countries might have different priorities and objectives, how can we ensure a more representative cyber policy capacity building agenda that reflects a broad list of priorities such as norms and international law but also economic growth and human development?
This session is co-chaired by:
Q: "South-south, north-south", "public-private partnership", "national" strategies - this is from aterminology that is anachronistic, anachronistic is a very strong term, but with a goodunderstanding of the global Internet, its grand potential, and the way the global Internet works, wemay call for an all new terminology for the global Internet, for the future, and for the present.“South-south” and “north-south” needs to be rephrased as “cross-geographical” and "global","public-private partnership" needs to be replaced with "Collaboration between stakeholders", ,"national" strategies, needs to be rephrased as "global design" for progress, around the world.
Q: gender balance is vital, it is very important. But gender isnot the only imbalance that requires to bebalanced. Thereare other disparities, for example, disparities of wealth,disparitites assoicated with georgraphy, typically referredto as North, South, disparities between ideologies andpolitical models, technical disadvantages, languages -there are multiple parameters that require to be balanced.What we require is a multi-dimensional balance, a three orsix dimensional balance with a mid point somewhere # comments as spoken, posted here for clarity, for record. When one country is a donor and another a recipient,the priorities of what are called "donor country" and"recipient country" come into play. But if CyberCapacity building, and most policies and programsrelated to the global Internet becomes global, thenevery country is both a donor and recipient at thesame time, and global priorities and global objectivesbecome paramount, with regional and nationalbenefits resulting from it, derived from it. Internet is global. Public Interest is global.
Ministry of External Relations of Cameroon
Q: hello everyone. This is not really a question but a contribution. well I really appreciate all the proposals of our previous speakers and will just like to shed some lights on our experience. so Far Cameroon has drafted a national strategy on cyber security and organized its first national forum on cybersecurity. the aim is to promote a cyber safe culture in Cameroon and collectively adress rising cyber crimes adequately. Talking about capacity building, I believe they should focus on: - tailored trainings responding to communities realities and needs; - aim towards building resilient communities; - increase awareness from every social levels , starting from children to low income populations and so on. it should use a bottom-up approach; - it should rely on a repository of good practices and experience on the field, with developed Nations willing to support developing countries in addressing gaps; - adopt a multidmensional and gender-based approach; - could lean on a voluntary trust fund created to serve that purpose; - build a global and national contact point to ensure that capacity building sessions meet the targets and objectives identified; - it should foremost be a result of member state good faith and political engagement , to see that the issue of cybersecurity is treated with the same severity as other transborder crimes, and see that there is some degree of transparency, accountability and rule of law that is respected. Thank you.
Q: @ChrisPainter - completely agree; cyber capacity building will always be a moving feast of changing goal posts (to mix metaphors!) as technology evolves and as the threats also evolve to meet increased capacity. (to Briony Daley Whitworth)
Q: Women in Cyber is one of the Good Cyber Stories 2020. You can find more info here: https://eucyberdirect.eu/good_cyber_story/women-in-international-security-and-cyberspace-fellowship/
Q: of course, unrealistic expectation would not achieve results but it is important to also underscore minimum standards and expectations and seek for implemetation and accountability realistically in terms of cordination efforts, or else, some parties may simple enagage in utter disregard of very important issues. Cyber development is important. Development issues have been challenging but it doesn't mean it should leave the agenda because of the difficulties fraught with it, hence people who make policies and laws should be reminded of what they committed to when they made such policies whether in terms of obligations, development, human rights or laws. We can't discuss cyber capacity building without considering such apsects and the basic issues with some regions. That is also very progressive.
Q: Please, What is Patrick position about IGF+ and the Digital Cooparation ?
Q: Please, What is Patrick position about IGF+ and the Digital Cooparation ?
Q: Another useful CCB resource is the Cybil Portal: https://cybilportal.org/
Q: There is a Regional Training Center on Cybersecurity in Sénégal
Q: And, though I will note later, information on The Global Forum on Cyber Expertise (GFCE) can be found at: www.thegfce.org
Wout de Natris
De Natris Consult
Q: Is there an overview of all the initiatives on capacity building? E.g. in the past years I've participated in events organised by AfrNIC, ISOC, a private Gambian company, GFCE, all on capacity building but aimed at different stakeholder groups but the same message. Is some form coordination a necessity here? (to Moliehi Makumane)
Q: GPD worked with Klee Aiken on this short brief that unpacks cyber capacity building from a human rights perspective: https://www.gp-digital.org/publication/unpacking-the-gges-framework-on-responsible-state-behaviour-capacity-building/
Q: +1 @Nnenna. It's absolutely necessary and urgent to promote the Malabo convention on Cybersecurity and Data Protections.
Q: On the point about lack of oversight and other mechanisms in some countries. Cyber capacity building needs to be part of larger capacity building efforts including efforts to bolster rule of law.
Q: A quick comment on Tomslin point about the Budapest Convention: a state is invited to join only if it meets certain criteria so the situation whereby a state with inadequate rule of law would be invited to join is very unlikely
Q: Thanks, everyone. Here is the toolkit I mentioned in case of interest: https://www.gp-digital.org/publication/toolkit-for-inclusive-and-value-based-cybersecurity-policymaking/ I also wanted to mention that inclusive capacity building and NCSS development approaches provide opportunities to operationalise norm implementation in national frameworks
Q: A question for the panel: how do we reconcile Enrico’s question about the (sometimes impractical) assumptions of donor countries regarding human rights requirements, and Marwa’s (and others) point that rights - including rights of access - must underpin all technology engagement and capacity, and are not in conflict with practicality of combatting cybercrime and malicious cyber activity? (to Briony Daley Whitworth)
Q: Two bits to emphasise w/r to cyber capacity building, from experience of DiploFoundation: - Assisting diplomats to understand technology, but also tech community, civil society and businesses to understand diplomacy and better articulate and place their positions (in line with Elizabeth's input) - Ensuring a holistic coverage of cyber-issues within (cybersecurity) capacity building activities: that is linking cybersecurity to human rights and economic developments, among other (in line with Asoke's focus on SDGs)
Q: The term multistakeholderim it self need to be cleary sort out. Diversity is everywhere even among the techies communities and the non-techies communities. Known that each of these communities are diverse too. Thank you Joyce
Q: +1 Joyce! Agree that funding should be sustainable, flexible, long-term in vision and inclusive
Wout de Natris
Q: TO follow up. More information on the new IGF Dynamic Coalition on Internet Standards (DC-ISSS) can be found through the link below. It is working on a policy recommendation on procurement, IoT security and education and skills. Capacity building is an identified topic for next year. You are invited to join as the DC-ISSS needs experts such as you to be able to provide widely accepted recommendations. https://www.intgovforum.org/multilingual/content/dynamic-coalition-on-internet-standards-security-and-safety-dc-isss (to Moliehi Makumane)
Q: To Moliehi and Asoke: Do you think countries, including South Africa and India, would want international cyber capacity building goals in the same way we have sustainable development goals? (to Moliehi Makumane)
Q: A question for Asoke: Many international cyber capacity building donors recognise challenge of measuring impact and driving metrics on cyber capacity building. How could the cyber capacity building community, from a policy perspective, learn from the Development community, in delivering and measuring the impact of cyber capacity building - in particular on subjects such as Gender and Inclusion?
Q: It would also be great to hear also how you think the industry could also be helpful.
Wout de Natris
IGF Dynamic Coalition on Internet Standards, Security & Safety
Q: Many efforts in cyber security are made in mitigation of problems, while prevention is often overlooked. Through procurement governments are able to procure more secure products by demanding existing Internet standards, guidelines and best practices to be built into or be part of the product, device or service. Whether for hardware or software, websites, hosting services, etc. This step would prevent abuse of the Internet and threats to its users considerably. Is this potential role of governments sufficiently part of your capacity building programs? (to Moliehi Makumane)
Q: To add to Chris’ point above - the GFCE features a clearing house which, a sort of matchmaking effort where states can find partnerships to work on difficult dossiers.
Briony Daley Whitworth
Q: A question for Asoke: how can the OEWG better integrate the SDGs (particularly 4 and 5 as referenced) with the recommendations and principles that will be annunciated in its report?
Q: It is good for the technical and policy communities to join together in cyber capacity building efforts, the Global Forum on Cyber Expertise tries to bring those groups together along with donors, implementers and recipients.
Q: please, Can Elisabeth give us some examples of technical communities in cyberspace?