Capacity building for safe & secure cyberspace: making it real

Event report

Cyber capacity building is now a priority in the international cooperation agenda. Through cyber diplomacy efforts, the international community supports countries and state actors in building a Computer Emergency Response Team (CERT) and drafting national security legislation. 

Three challenges were observed in the Asia-Pacific region with the APNIC’s capacity-building effort. The growth in number of users and networks led to additional pressure on the existing operators. Multilingual diversity challenges require translating manuals and documents such as best practices in different languages, as well as keeping pace with technological developments. Moreover, with the rise in remote work, building better infrastructure away from the cities is necessary.

Member States of the OAS (Organisation of American States) program of Global Forum on Cyber Expertise (GFCE) highlighted the following challenges: 

• Most decision-makers are older and cannot identify with the information required to make cybersecurity-related decisions. 
• A low offering of university courses for reducing the digital skill gap
• Gender parity in the workforce dropped after the pandemic, which highlights the need for policies geared towards including women in digital and cybersecurity roles.
• Inability of recent graduates to get cybersecurity jobs because they lack experience.

Cross-stakeholder engagement is vital because each stakeholder group brings a specific advantage. For example, It was noted that investing in domestic research-based academic programs and engaging with academics can help a country develop the knowledge required to build this national cyber capacity through a bottom-up approach.  The private sector is a collaborator (through placements, support fellowships, and internships) because certification programs often need to provide organisational experience. 

A capacity building approach connecting industries and educational institutes ensures that there is no supply-demand mismatch. It was also noted that workforce development strategies should be country-specific. The need for cybersecurity personnel varies depending on the country’s industrialisation and digitalisation level. So, it is important to promote career paths in a country-specific approach.

There is a need for more nuanced labour market inventory to ascertain how many network engineers and cybersecurity professionals are required. In the present datasets, most STEM careers are bucketed together.  

Capacity-building pathways need to be both vertical and horizontal. Horizontal capacity building helps in equipping people with specialisation. 

By Kaarika Das