GC3B: Mainstreaming cyber resilience and development agenda | IGF 2023 Open Forum #72

Allan Cabanlong

The Global Conference on Cyber Capacity Building (GC3B) brought together experts and decision-makers from all over the world to discuss the importance of addressing digital risks and strengthening cyber resilience. The conference highlighted the fact that the digital world has a profound impact on every aspect of our lives but also presents numerous risks that need to be addressed.

One of the main arguments put forward at the conference was the necessity for individuals and nations to be aware of these digital risks. It emphasized that simply being aware of these risks and their potential impact is not enough. Resources, knowledge, and skills are required to effectively mitigate them. The speakers stressed the need for investment in the digital future and the importance of every country having the resources and expertise necessary to navigate the challenges posed by the digital transformation.

The conference also emphasized the need for global collaboration in cybersecurity. It recognized that no single nation can tackle these challenges alone and that nations need to work together and support each other to keep up with the rapid pace of the digital transformation. Collaboration was seen as crucial not only for addressing current challenges but also for staying ahead of emerging threats and technologies.

The aim of GC3B was to support and strengthen global cyber resilience. The conference brought together high-level government leaders, practitioners, experts on cybersecurity, and representatives from the development community. Through interactive discussions and knowledge sharing, the conference aimed to develop a global framework for concrete actions that support countries in enhancing their cyber resilience.

Cyber capacity building was highlighted as a key enabler for sustainable development. It emphasized that all nations need to prioritize building their capacity to effectively respond to cyber threats. Building robust cyber capabilities is seen as essential not only for protecting critical infrastructure and national security but also for promoting economic growth and social development.

The conference had a positive impact on inspiring other regions and strengthening global cybersecurity cooperation. The insights, ideas, and best practices shared at GC3B were seen as invaluable in inspiring other regions to take similar actions and fostering a renewed commitment to global cybersecurity cooperation.

In conclusion, the Global Conference on Cyber Capacity Building stressed the importance of being aware of digital risks and having the necessary resources, knowledge, and skills to mitigate them. The need for global collaboration and support in cybersecurity was emphasized, aiming to keep up with the digital transformation. The conference aimed to support and strengthen global cyber resilience and highlight the key role of cyber capacity building in enabling sustainable development. The GC3B conference inspired other regions and left a lasting impact on global cybersecurity cooperation.

Audience

The audience member raised several questions during the event. Firstly, they were curious about the reasons for choosing Ghana as the location for the event and asked about the availability of virtual involvement. The organizers did not provide a direct response to this, but it can be inferred that Ghana may have been chosen for its potential to host successful and impactful events.

The audience member also inquired about the organizers’ plans for the year after the event and their goals within the next three years. No specific plans or goals were mentioned, which implies that the organizers may not have disclosed this information. However, it is important to have long-term plans and goals to ensure the sustainability and continuity of initiatives like the Accra call.

Speaking of the Accra call, it was stated that achieving its objectives, as outlined in the Accra call document, will take a considerable amount of time. This indicates that the goals and aspirations laid out in the Accra call cannot be accomplished within a short period, such as six months or two years. It is crucial to understand that long-term commitment and efforts are required to bring about significant changes and advancements.

The concept of effective capacity building was also highlighted during the event. The audience member pointed out the importance of tailoring capacity building efforts to the specific needs and demands of the recipient country. It was emphasized that capacity building should be demand-driven, ensuring that the recipient country can absorb and sustain the knowledge, resources, and skills provided.

Furthermore, legislators were recognized as playing a vital role in sustainable cyber capacity building. It was stated that involving the legislators and helping them understand the value and importance of sustainable cyber capacity building is crucial for securing adequate budgetary resources. This acknowledgment highlights the need for collaboration and communication between policymakers and industry experts to ensure the allocation of necessary resources for successful capacity building programmes.

During the event, the issue of donor coordination was addressed. It was emphasized that de-conflicting between donor countries is essential to avoid duplication of work and optimize resource allocation. The Sybil Portal was mentioned as an existing tool that can be utilized to prevent overlap and promote effective coordination among donors.

In the context of cybersecurity, collaboration and coordination were emphasized as key factors for success. It was noted that going solo in cybersecurity initiatives is not effective; instead, collaboration and cooperative efforts are necessary. This is particularly relevant in the Pacific region, where countries are at different stages of cybersecurity development. The audience member highlighted the importance of ensuring that no country is left behind and called for coordinated efforts to address cybersecurity challenges collectively.

In conclusion, the audience member raised various insightful questions and concerns during the event. They inquired about the choice of Ghana as the event location, the availability of virtual involvement, plans for the future, and the goals of the Accra call. The concept of effective capacity building, the role of legislators in sustainable cyber capacity building, and the need for donor coordination were also discussed. Collaboration and coordination in cybersecurity efforts were emphasized, especially in the diverse Pacific region. Overall, the event provided valuable insights into the challenges and opportunities in event organization, capacity building, and cybersecurity.

Liesyl Franz

The involvement of the United States government in international cyberspace security and capacity building is vital for the development of knowledge, skills, and infrastructure in other countries. Over time, the US has increased its funding and activity in this area, moving from just one person to providing significant support to initiatives such as the Global Forum on Cyber Expertise (GFCE) and the Global Conference on Cyber Space (GC3B) which aim to improve coordination and dialogue on cyber capacity building.

Recognizing the interconnected nature of cyberspace security and digital development, efforts are being made to address both areas together. Bridges are being built to bridge the gap between these two domains, ensuring progress in connectivity without compromising security. The goal is to digitize societies while also making them resilient to cyber threats.

The United States is a strong advocate for multi-stakeholder community discussions, which include donor countries, recipients, implementers, the private sector, and academia. Initiatives like the GFCE and GC3B facilitate engagement and effective cyber capacity building. The US actively participates in these conferences through a high-level interagency delegation.

Efficient capacity building depends on tailoring the approach to the specific needs of each country and ensuring its absorbability. Sustainability is another crucial aspect of capacity building, requiring long-term viability and continuous support.

Additionally, capacity building efforts should address immediate responses to crises. The United States highlights the importance of addressing urgent needs in countries facing crises like Ukraine, Albania, and Costa Rica. This demonstrates the necessity for capacity building to be adaptable and responsive.

Financial resources are vital for providing assistance in capacity building and other areas. Adequate funding is necessary to implement programs and initiatives effectively.

Emphasizing the benefits of cybersecurity efforts can encourage investment and political support. By highlighting the positive outcomes and advantages of cybersecurity measures, it becomes more likely that resources will be allocated to support and advance these efforts.

In terms of training, it is recommended to provide in-country, on-site training for better integration of cybersecurity measures. This tailored approach directly addresses the specific needs and challenges of each country. Continuous learning is also seen as beneficial in the field of cybersecurity, allowing individuals to stay updated and take advantage of professional development opportunities even if they are unable to travel for training.

In conclusion, the United States plays a pivotal role in international cyberspace security and capacity building. Their involvement includes financial support, hosting conferences, and promoting multi-stakeholder engagement. The interconnectedness of cyberspace security and digital development is recognized, and efforts are being made to address these areas together. Capacity building should be tailored to the specific needs of each country and focus on sustainability. Immediate responses to crises are essential, and adequate financial resources are necessary for providing assistance. Emphasizing the benefits of cybersecurity efforts can drive investment and political support. In-country, on-site training and continuous learning are recommended for better integration and professional development in cybersecurity.

Keywords: United States government, international cyberspace security, capacity building, funding, Global Forum on Cyber Expertise (GFCE), Global Conference on Cyber Space (GC3B), cyberspace security, digital development, multi-stakeholder community discussions, sustainability, immediate responses, financial resources, cybersecurity efforts, in-country training, on-site training, continuous learning.

Christopher Painter

The Global Forum on Cyber Expertise (GFC) is an organisation devoted to promoting cyber resilience and capacity building in line with sustainable development goals. An important initiative of the GFC is the ACRA Call to Action, which seeks to enhance cyber resilience in development and foster sustainable capacity building. This call to action is aimed at countries, regions, the private sector, and the technical community, with a focus on promoting cyber resilience, advancing effective cyber capacity building, strengthening partnerships, and enhancing resources.

Christopher Painter, a strong advocate for cyber capacity building, emphasises the significance of aligning with development goals. He believes that consultation and community input are crucial for the success of the ACRA Call. To ensure community engagement, a mature draft of the ACRA Call will be circulated for public comment by the end of October. The GFC also plans to engage the community through public consultations at various events, such as the Paris Peace Forum, Singapore Cyber Week, and the IGF session. Their objective is to address major concerns and incorporate new ideas and input into the ACRA Call.

Due to COVID restrictions, the GFC had to change the location of their first conference, originally planned to be held at the World Bank in Washington. Instead, they see an opportunity to hold the conference in Ghana, a country with unique needs in the field of cyber resilience. The government of Ghana is supportive of hosting the conference. Efforts are being made to facilitate virtual participation for those who are unable to attend in person, ensuring robust virtual connectivity.

The GFC places emphasis on involving the global south and securing legislative and leadership buy-in for sustainable cyber capacity building. They highlight the need to integrate cyber resilience into national plans and view it as an integral part of broader development strategies. They also stress the importance of respecting human rights and the rule of law in any declaration pertaining to cyber resilience and capacity building.

In terms of governance, the GFC aims to integrate improved governance practices into their work. They advocate for building partnerships, local leadership, and coordination among developing countries. By fostering the leadership of developing countries in coordinating cyber capacity building efforts, the GFC seeks to create stronger partnerships and enhance long-term sustainability.

Additionally, the GFC underscores the importance of information sharing and coordinated efforts among donor countries to avoid duplication of work. Regular meetings are held for donor countries to collaborate and exchange information. They also advocate for strengthening existing organisational structures rather than creating new ones, ensuring greater sustainability and efficiency.

Financial resources play a critical role in cyber resilience activities, and the GFC calls for maximising existing financial streams, including international development financing, domestic resource mobilisation, and private sector involvement. Drawing from the development community, they propose utilising models to measure sustainability and incorporating cyber resilience into integrated national financing frameworks.

To ensure professional development and capacity building, the GFC aims to professionalise the cyber capacity building community and promote human rights-based and gender-sensitive approaches. They also underscore the need for project prioritisation and the creation of measurement tools to assess the results and impact of projects.

In conclusion, the GFC is passionately committed to promoting cyber resilience and capacity building aligned with sustainable development goals. Through initiatives such as the ACRA Call to Action, partnerships with developing countries, and efforts to maximise financial resources, they strive to create a more secure and resilient cyber landscape. Their focus on consultation, community input, and collaboration reflects their commitment to inclusive and sustainable cyber capacity building efforts.

Tereza Horejsova

During the analysis, several important points were highlighted by the speakers. One of these points focused on the International Governance Forum (IGF) being described as a hybrid event. This means that the IGF combines both in-person and virtual elements, allowing for greater participation and connection from around the world. The IGF is seen as a significant platform for global networking and exchange of ideas.

Another key topic discussed was the Global Future Council (GFC) organising a major conference in Ghana, with a strong emphasis on partnerships for the goals. The conference aims to bring together various stakeholders to collaborate and work towards achieving the Sustainable Development Goals (SDGs). The GFC’s commitment to partnerships highlights the importance of collective efforts in addressing global challenges.

The analysis also focused on the ACRA call, which sets guidelines for efficient global action on cyber capacity building. This highlights the need for effective coordination and collaboration in addressing cybersecurity challenges worldwide. The call serves as a roadmap for enhancing cyber capacity and ensuring the global community is better equipped to mitigate digital risks and threats.

The digital world was discussed extensively, with a recognition of its vital role in essential areas such as food, water, and healthcare. The digital world enables connections and facilitates communication, leading to improved access to resources and services in these critical sectors. However, it was also acknowledged that digital risks are associated with the digital world. This emphasises the need for strong cybersecurity measures and proactive efforts to address potential threats.

Efficient resource use and better coordination were identified as crucial factors for enhanced global support. The analysis highlighted the importance of using limited resources effectively and establishing better collaboration among countries. This includes linking different communities in cyberspace and improving coordination to ensure optimum efficiency in resource utilisation.

The Sybil portal was discussed as a valuable resource for mapping various cyber capacity building projects. This portal allows for easy access to information on projects already implemented or currently ongoing and enables filtering based on specific regions or countries. The portal serves as a tool for tracking and analysing global efforts in cyber capacity building.

Furthermore, the analysis highlighted the necessity of building on previous projects to plan new activities effectively. This approach avoids duplicating efforts and optimally utilises limited resources. By learning from past experiences, countries can enhance their planning and implementation strategies, leading to more impactful outcomes.

Another noteworthy observation was the importance of collaboration among countries. By working together and sharing their expertise, countries can achieve more efficient use of resources and tackle challenges collectively. The analysis emphasised the significance of partnerships and collective action to promote sustainable development and address global issues.

In conclusion, the analysis provided valuable insights into key topics such as hybrid events like the IGF, major conferences organised by the GFC, the ACRA call for efficient global cybersecurity action, the role of the digital world in essential areas, the need for efficient resource use and better coordination, and the significance of the Sybil portal and collaboration among countries in cyber capacity building. These insights highlight the interconnectedness of global efforts and the importance of cooperation in addressing complex challenges in the digital age.

Pua Hunter

Significant progress is being made in the cyber ecosystem and cyber capacity building space in the Pacific region. Initiatives such as the Pacific Cybersecurity Operational Network (PECSON), Pacific Islands Law Officers Network (PILON), Cyber Safety Pacifica, E-Safety Commissioner, and Oceania Cybersecurity Center (OCSC) are actively contributing to the development of the cyber ecosystem. They are strengthening the region’s infrastructure, legal frameworks, policies, and capabilities to handle advancements in cyberspace effectively.

The Global Forum for Cyber Expertise has recently launched its Pacific Hub, aiming to enhance cooperation and knowledge sharing on cybersecurity matters in the region. Collaboration, engagement, and coordination among stakeholders need improvement to maximize the benefits of these initiatives. Embedding these aspects in the cyber capacity building approach will enhance the region’s overall cybersecurity preparedness and resilience.

Cybersecurity is a crucial aspect of digital engagement that cuts across all sectors and impacts various cyber-related activities. Pacific leaders have recognized its importance and emphasized its individual and collective responsibility. The Oceania Cybersecurity Centre has highlighted cybersecurity in its review for several Pacific region countries, including the Cook Islands.

In terms of donor assistance, sustainability becomes a challenge when donors leave without ensuring adequate resources. Planning and resource allocation are vital to ensure the longevity and effectiveness of projects.

Regarding training and capacity building, the concept of in-country training has been proposed to enhance knowledge transfer. Bringing trainers to countries to train a larger number of individuals can improve expertise implementation and dissemination.

In conclusion, the Pacific region is progressing significantly in the cyber ecosystem and cyber capacity building. Various organizations, networks, and conferences have contributed to these developments. Enhancing collaboration, prioritizing sustainability in donor assistance, and emphasizing in-country training will strengthen the region’s cybersecurity capabilities and readiness to address evolving threats.

Tereza Horejsova:
also to everybody joining us online. I heard we had a bigger crowd online than in the room, which is always exciting, given that the IGF is a hybrid event. My name is Teresa Horejsová. I will be your moderator for today’s session, and I’m with the Global Forum on Cyber Expertise. And joining me in speaker capacity today is Pua Hunter from the Cook Islands, who is joining us online. Hello and good afternoon to you. Then we have here in the room Liesel Franz from the US government, thank you, and Christopher Painter from the GFC, the president of the GFC Foundation. My helper online for the remote moderation is Allan Tsabanlong, also from the GFC, the director of our Southeast Asia Hub. What we will try to do at this session is to actually mostly have a conversation with you. We will have a few, you know, points to get us started connected to the presentation of a, I hope, major conference that the GFC with its partners is organizing at the end of November in Ghana, the so-called GC3B, the Global Conference on Cyber Capacity Building. But we will particularly focus on one of the outcome documents that we expect will be coming from this conference, so-called ACRA call, which would set some, let’s say, guidelines and ideas for more efficient global action on cyber capacity building. And we would like to use your perspectives to help us shape what this document could look like. So, I hope that this sounds as a good plan. What I suggest that we do for a start is that we will play a very short video that should introduce the conference a little bit, and then we go to the various speakers. So, now, let’s go to the video. Now, fingers crossed that everything works. And if I may ask our dear colleagues here in the room to get Alan on screen, who will share his screen and play the video. Thank you very much. At this moment, it’s without sound. Alan, can you stop it for a sec? I don’t know if the sound issue is something we can handle in the room or on Alan’s end. It also comes with digital risks. Alan, can you start again? Oh, he can’t hear us. Sorry about that. Thank you. We can hear the sound now. And apologies for the technical glitch. The digital world touches every aspect of our lives. It enables us to connect, learn, and travel, and plays an important role in safeguarding life essentials, such as food, water, and health care. Along with huge opportunities, it also comes with digital risks.

Allan Cabanlong:
We all need to be aware of those risks. To ensure a free, open, and secure cyberspace, every country should have the resources, knowledge, and skills they need to invest in their digital future. To this end, nations should work together and support each other with these capabilities so that every country can keep up with the digital transformation. After all, a chain is only as strong as the weakest link. On 29th to 30th of November, 2023, the first Global Conference on Cyber Capacity Building takes place in Accra, Ghana, co-organized by the Global Forum on Cyber Expertise. the World Bank, the Cyber Peace Institute, and the World Economic Forum, and hosted by the government of Ghana. This conference will be attended by decision makers from all over the world, high level government leaders and practitioners, the development community, experts on cybersecurity and capacity building, the private sector, international organizations, academia from all regions and across all sectors. They will gather to acknowledge that it is paramount for all nations to have the expertise, knowledge, and skills to strengthen their cyber resilience, and to work together on developing these capabilities to ensure a free, open, and secure digital world. We must all act now on cyber capacity building, because it is a key enabler for sustainable development, economic growth, and social progress. To this end, at the GC3B, the ACRA pool will be announced, a global framework for concrete actions that supports countries in strengthening their cyber resilience. Stay tuned to the GC3B 2023.

Tereza Horejsova:
Thank you very much, Alan, for playing the video. And I hope this serves as a little bit of an introduction on what we are up to. But Liesl, if you could tell us more about why, at first place, it’s also important for the U.S. government to be involved in these efforts, and why you think the GC3B is tackling some issues that are missing on the agenda. Great.

Liesyl Franz:
Thank you, Teresa, and good afternoon, everyone. I’m Liesl Franz with the State Department in the Bureau of Cyberspace and Digital Policy, and I am responsible for our international cyberspace security unit. And one of the key elements, one of our business lines, as I have come to describe it. it is on international engagement and capacity building. And it builds upon years of efforts in building capacity around the world in various ways, including helping countries with national strategies, learning from our experience, perhaps mistakes, and also with building incident response teams and other efforts that help build institutions in other countries to address the risks that you heard about in the video. Over the years, fortunately, we’ve been able to garner a little bit more funding to provide capacity building around the world. We started with sort of one person doing cyber issues in capacity building years and years ago, and we have been able to build that out into a little bit more of activity. But what we found, first of all, is that there’s an increasing amount of demand for not only funds, but also the breadth of things that countries are looking for to be able to build up their own resources, knowledge, and skills. And other countries were also looking for ways to help provide such cyber capacity building. And I think as Chris has said in another session where he talked about the global cyber capacity building, we want to make sure that all the countries that have the means to provide resources or funding are not doing all the same thing for the same people around the world and that we are able to spread ourselves across the globe in a more. coordinated fashion, or at least informed fashion. So that is why we were supporters of the GFCE, the Global Forum on Cyber Expertise, in the beginning, and why we are supporting the conference. Because we, you know, think it’s a unique opportunity for the multi-stakeholder community and donor countries, this sort of coordinated fashion, recipients, implementers, you know, those who are actually on the ground doing the capacity building that we and others can fund, the private sector and academia to actually have discussions and dialogue to discuss the current state of cyber capacity building. What does it look like? Where is it happening? What are we providing to whom, and what are the demands that are coming from the global community? And so this comes at a critical moment when conversations at various multilateral organizations, such as the UN, say, or the International Telecommunication Union or others, look to cover capacity building in greater detail because of that growing demand. So the, as you’ve probably heard, this year’s conference, inaugural, right, conference is thematically focused on bridging the gap between cyber capacity building and digital development, and I would say maybe development writ large also, because it’s not its own, it doesn’t have to be its own thing. But it’s a unique opportunity to connect various groups and ideas that have too often been siloed, and not, Chris used to talk about silos of excellence in the U.S. government, fair point, but we see them in sort of every aspect of the world, and we want to build those, the connectivity. them. So how do we make progress on connectivity without sacrificing security? How do we digitize societies but also make sure that they are resilient? And these critical questions and these are critical questions for us in the 21st century. We’ve heard them throughout the week here and I think probably in our everyday work lives and I think all of you here and online understand that covering them in detail is important and worthwhile. So for these reasons and probably many others, the U.S. is looking forward to participating through a high-level interagency delegation led by Ambassador Fick, or Ambassador for Cyber, Space, and Digital Policy, and engage the multi-stakeholder community on these questions and probably many more that will come to the floor in the conference. So we hope to see many of you in Ghana as well and so that we can take meaningful steps toward a safer, digital, and cyber future. Thanks.

Tereza Horejsova:
Thank you very much, you know, for your remarks but also for the support of the of the U.S. government and kind of reconfirmed by the delegation that you are sending to Accra. That’s fantastic. Although the conference is called a global conference, it does take place in Africa. It is true that the Africa region is of particular importance to the GFC. It’s also a region where we have kind of progressed most with kind of the approach of regional agendas to cyber capacity building. But the main aim of the event is really like to connect the regional perspectives with the global discussions. So in this sense, it will be very important that we get perspectives from various regions. And at this point, I would like to turn to you, Pua. from joining us from the beautiful Cook Islands to tell us a little bit more about the perspectives of Pacific Island States when it comes to cyber capacity building and how you see the regional efforts feeding into the global action. I hope we have you online and we can hear and see you. Let’s give it a few seconds. Hi, Trisa, can you hear me? We can both hear you and see you, it’s perfect. Please go ahead. Thank you so much.

Pua Hunter:
Greetings, everyone. So there’s actually a lot happening in the Pacific in the cyber ecosystem and cyber capacity building space. In my view, this is a good sign because it demonstrates that nationally countries in the Pacific region are developing their own enabling environment, their infrastructure, their legal framework, their policies and plans, including their capability and capacity to deal with the development in the cyberspace. And we do receive support from our development partners such as the World Bank, Asia Development Bank, United Nations Development Program and so forth, which is a great thing and we’re very grateful. We also benefit from the initiatives of regional and international organizations who deliver cybersecurity initiatives in our region. And for example, the Pacific Cybersecurity Operational Network, PECSON, the Pacific Islands Law Officers Network, PILON, the Cyber Safety Pacifica, the E-Safety Commissioner, the Oceania Cybersecurity Center, OCSC. And just recently, last week actually, in Nandi, GFCE, the Global Forum for Cyber Expertise launched its Pacific Hub and it was a great event. And this. more, many more regional and international organisations helping us here in the region, in the Pacific region. So it’s actually a busy space, a good busy space, and these are useful initiatives, undertakings and training offers extended to our region. However, I think we need to be able to manage these events, both nationally and regionally, so we can better reap the benefit that these initiatives are intended for. It’s one thing to bring something to the ground and then leave and nothing moves from there. So yeah, it needs to be managed properly. Back in 2020, the Oceania Cybersecurity Centre hosted the Global Cybersecurity Capacity Building Conference. It focused on national approaches to cybersecurity and also engagements in the region and with the development partners. The takeaway for me from that conference was contextualising nationally and regionally through more collaboration and engagement and also better coordination. And just last week, I attended the Pacific Cyber Capacity Building and Coordination Conference, the P4C in Nadi in Fiji. The same message about collaboration and coordination was also repeated several times, but this time Accountable was also attached to this, and I think that’s a very powerful message. We need to be accountable for what we’re doing in the cyber ecosystem. For me, this message confirms that cybersecurity is our own individual responsibility as well as our responsibility collectively. So despite cybersecurity and cybercapacity building being a busy space in the region, I think it’s highlighting that cybersecurity is a very important component of our digital engagement that cuts across all sectors. sectors and across all the dimensions of cyber activities. We’ve seen that in the CMM review that OCSC did for some of the countries here in the region, including us, the Cook Islands. I’m actually encouraged that at the highest level in the region, our leaders recognized and placed emphasis on the importance of cyber security and references in the region’s high level plans, the BOE declaration, the 2050 Blue Pacific Strategy, and recently the Langatoi, the endorsed Langatoi declaration. Next month, the Pacific Islands Forum leaders will be meeting here in the Cook Islands from the 6th to the 10th of November. And in their program, I was so happy to see that they’ve got a session for strengthening cyber security arrangements. You know, again, it actually demonstrates the commitment of the Pacific leaders and leading up to the upcoming GC3B in Ghana, it sets a clear path for the region and also the fact that we’re looking at high level participation from our region. Thank you so much.

Tereza Horejsova:
Well, thank you very much. Good remarks there. And, you know, I’m happy that you also kind of called for a bit more action for things to be moving. And that’s what we are hoping that the GC3B will help with, not only to make some concrete progress on bringing the two rather siloed communities of development and cyber together, but also to bring more political attention to the very urgent issue of cyber capacity building, as Liesel stressed, but then have kind of a tangible document, you know, as an outcome. that hopefully can contribute to more concrete actions in the future. So, Chris, if I can turn to you. The document’s working title is the ACRA Call, but would you be able to tell us a little bit more about the document in the shaping that will then be basis for the discussions and inputs that we will hopefully hear from all of you here? Thank you.

Christopher Painter:
Yeah, certainly, Teresa. And just building off the prior comments to give a little context, we just launched the Pacific Hub. What the GFC does is it tries to do this exact coordination. So as Pua said, and I saw this in Melbourne at the conference we helped have a session just before the pandemic, many of the island countries are saying we get lots of offers for help, but sometimes they’re the same offers for help and sometimes we can’t actually deal with them. And so one of the reasons for being of the GFC is to take donors and implementers and recipients and try to make more sense out of this given we don’t have a lot of resources. And that really builds on another thing that was mentioned, which is the overall purpose of this conference is to, as Teresa said, to highlight and to promote this idea of cyber capacity building, which is often lost as important as it is, but also to bring these often disparate communities that don’t talk to each other very well, the cyber security capacity building community, which we know very well, but the traditional development community and the traditional development community, not just as digital development, but indeed development projects around the world. And if you think about the SDGs, or if you think about those, almost all of them are undergirded by both digital and having strong cybersecurity. If you think about development projects like water and power, we saw this in the video, they’re often controlled by cyber means and therefore cybersecurity is a foundational thing, but the communities don’t really interact that much. So one of the big outcomes from this is to really promote that integration between these two communities and dialogue. and actually leveraging each other’s efforts. If we can go to the, just move to slide five. Yeah. Okay. So, you know, obviously bringing people together, having those conversations, having that program is gonna be important, but even more important is this is meant to be a process and a call for future action. As Pua said, it’s great to have all these, like, oh, let’s do this, but it’s not that great if you actually don’t have the actions that follow it. So the ACRA call, which is the working title right now, instead of a declaration, declarations are like, we’re gonna declare this, you know, but a call is a call for action, much like the Christchurch call or the Paris call or some of the other ones that are out there, meant to be sort of a living document. And the idea is really to elevate a mainstream cyber resilience and in the development agenda and vice versa with actionable items. So going to the next slide. Okay, so that, so it’s meant to be an action framework drawing on from existing commitments, but also some new commitments in a few different areas and really a blueprint for motivation and work in this area for both the development and the cyber communities. And I should be clear, it’s not that, you know, we’re not saying the development community has to understand cyber and the cyber community doesn’t have to understand development. We both have to understand and work with each other. I think that both communities have been a little with blinders on. Now there are exceptions, the World Bank, USAID, the British Development Organization, a number of them are doing more of this. And I think that’s good, but it’s still kind of in its infancy. So it’s gonna, this is a blueprint, a call to action with the aim to elevate cyber resilience. And you may wonder why we use cyber resilience. Well, not surprisingly, when you say cybersecurity, the development community says, oh, that’s a military thing. That’s a security thing. Why are we dealing with it? Cyber resilience, it really resonates with both communities, both the cyber community and the development community. I think it is really what our overall goal is, resilience. So, it’s to elevate that, promote capacity building that supports larger development goals. Go to the next slide. So, and I should say that this document is still in development. We hope to circulate a somewhat mature draft at the end of October for comment, for community comment, and welcome your comments then. But today, we want to kind of give the conceptual framework and get some thoughts from you. We think it matters now, as Teresa said, because we’re at an inflection point. We’re at this point where these development projects are getting more dependent on cyber technologies and digital technologies. And we really need, we can’t afford any longer to be in these separate communities. We can’t afford in terms of resources to do that either. There’s lots of resources in development. There’s not that many in cyber capacity building. But we make each other stronger by working together. And it’s meant, the call is directed to countries, including recipient countries, donor countries, regional organizations, private sector, technical community, really the entire multi-stakeholder framework that we know and love so well here at IGF. Next slide. I basically covered this. The framework is really meant to be more of a call to action with specific items that will be listed under four major categories. It’s voluntary, like most calls are. You can’t make, you can’t really reach a binding agreement, as I think any of you know, in a short period of time. But a voluntary call where people sign on or endorse, I think is very helpful. So it’s not formal signatories, but people who endorse it. Go to the next. OK, and I mentioned these four major areas, which will have various thoughts or action items under. And the four areas are, one, actions to strengthen the role of cyber resilience as an enabler for sustainable development. So that’s exactly what I was covering, that drawing this connection in very clear terms and making recommendations within that bucket in terms of how the development community and the cyber community can work and leverage each other. The second major bucket is actions to advance demand-driven, effective, and sustainable cyber capacity building. These are things like making sure you have the political will in countries to actually not just do one-off trainings, but that they really want this and you have more sustained capacity building. And that is demand driven. You heard Pua talk about this as well, that we’re simply not saying here’s a whole bunch of programs, but we’re listening and talking to people in regions and countries about what they want and what they need, and we’re matching that. Because that, again, leads to sustainability and traction and something that our scarce resources are more effective by. The third bucket is to foster stronger partnerships and better coordination. So the coordination is, again, one of the major elements here, and I mentioned this before. The whole reason we were set up is to promote coordination. There’s much better coordination, I’ll tell you now, than there was seven years ago. Still not perfect, you won’t be surprised, but there’s a lot. I mean, countries are talking to each other. Donors are talking to each other. The platform we create has allowed a lot of this to happen. It’s also happening organically in other venues too, and that’s great, but we need to amp up that coordination because, again, if we don’t do that, we’re wasting the resources. We’re not actually meeting the needs of the countries and the others who need this help. And then finally, the last bucket is one that everyone understands, which is resources. How can we significantly up the game in terms of resource commitments to this area? Much like, no one has enough money. We all understand that. No one has enough people to do these issues, but I think the SDGs have been very successful in focusing political attention and getting some resources, and I think there’s been a lot of resources devoted to those, and we’re not trying to, as they say, rob Peter to pay Paul. We’re trying to leverage each other’s resources. This is not like give it to us and not to them. This is using the resources in order to achieve the things that the SDGs are trying to do, the development community is trying to do, that we see with the same vision of how this is done, and it also allows us to learn from each other in terms of implementation modules. So those are the four major buckets, and we’d love to get input from you in those. It’s gonna be based on the conference in terms of those four buckets kind of reflected in the agenda for the conference, but the content of the declaration or the call is meant to actually be actions after the conference. It’s a set piece, but it’s really the process I talked about, and I mentioned consultation. We started with a small group of co-organizers, us, the GFC, the World Bank, the Cyber Peace Institute, and the World Economic Forum. on the steering committee who have helped fund the conference, larger group of friends and the community and we’re in that process now and that’s one of the reasons we’re here today. So I don’t need to go through all these with the public consultations. We’re here. We’re doing one now. We’re going to do one at the Paris Peace Forum. We’re going to do one in Singapore Cyber Week next week. Any possibility we have, any chance we have to engage with the community, we’re going to take and as I say, we’re going to circulate a mature draft but certainly willing to take input. So the question we have for all of you is really those four buckets that I talked about. Does that cover everything? We think it does but that doesn’t, you know, we don’t know everything and the people we’re working on don’t know everything. So we want input from you, does that, those four broad buckets cover I think the major concerns we’re talking about and are there particular barriers that we need to overcome in better connecting cyber capacity building with development goals and elevating the role of cyber resilience in development and vice versa that would lend themselves to particular action items that you would like to talk about today. And also this is an ongoing thing. If you leave this room and say, oh, I should have mentioned this, let us know. I mean, we want to hear about it. So that’s really the setup for what we’re trying to do today. We really would like to hear from you about where you think there could be progress made on this, about the overall idea and about this kind of structure and if this makes sense.

Tereza Horejsova:
Thank you very much, Chris. I think that was quite clear and now really is the time that we want to hear from you. You come from different backgrounds, different perspectives. You might have maybe come across some complications stemming from the fact that the cyber and development communities don’t interact with each other. You might have been involved in various cyber capacity building projects. So I would suggest, Alan, that we actually keep the slide with the four areas up and at this point, really, I would like to. to encourage you to share your views with us, either online or here in the room. And don’t be shy. We really want your views. Yes, and I know there are a few people in the room who are not shy. I’ve already seen my daily news. No, Michael, you will disappoint us if you don’t. May we ask you? But we need to get you on the microphone. No, no, hold on. Otherwise, the online won’t hear you. Either take this one or go there. But let me give you this one. Sorry. No worries.

Audience:
Mike Nelson with the Carnegie Endowment for International Peace. And I’ve worked with these people. Really simple question. Why Ghana? And what were the other things considered? And how much of it will be virtual? I mean, you don’t have to be there to be part of it, right?

Christopher Painter:
I think we’re trying to work on connection details so there’ll be a good virtual ability. But I’d say it’s sort of a long and storied history. I think originally, we were hoping to have it at the World Bank in Washington, which also would have posed some challenges for people on visas and et cetera. Because of various COVID restrictions, other things, that wasn’t going to work. And then we thought about a number of places, frankly. But as Teresa said, every region has unique needs. And we partner with the OAS in America’s region. We have a Pacific hub we just launched. We have a ASEAN liaison. We’re doing a lot of work in Africa. And the government of Ghana very much wanted to do this. And given all the work that we’ve been doing in Africa, setting up an African experts group, et cetera, it seemed like an important place to have. And it also was important, I think, to have the first one somewhere in the global south. I think that that was an important thing. Rather than have it in, you know, there’s lots of nice places in the north you can have it. But it doesn’t really send the right message. Then it’s like a conference of the global north talking about what they’re going to do, where this really needs to be a conversation. So that was really the rationale. And we’re quite happy about that, too. Yes, we are. very grateful to know that you know we want to get this one under a belt but in the future ones we’ll have to figure out where the next one will be like these things always work but we want them to be representative and so we certainly want to get people from all over the world as I said this is in Africa but

Tereza Horejsova:
it’s not just an African conference thank you very much Chris also for the question address please including hopefully even on the substance of the of the document in the making any takers please please go ahead Sparky thank you and yes if you can also introduce yourself and your institutional affiliation thank you thank you Sparky from yeah Sparky from JP said thank you for your presentation my question is obviously what is what what are written on Accra Accra call cannot be achieved like six months or

Audience:
two years it has it should have you know it may take more than few years to you know to reach the level you like to you like to achieve so my question is other than you know your short time goal launching the call maybe after a few months is is there any plan for like year after or maybe go your goal within next three years thank you yeah so that’s why I said for each of these categories the idea is to have several more specific goals and although they’re

Christopher Painter:
not gonna have I don’t envision them having strict time frame saying this is gonna be done in like 90 days or it’s something like that we are going to monitor them we’re gonna look at them you know after six months after a year see what progress is being made when there is a second one of these conferences as we said this is the inaugural one that’s often also a stock taking but where there’s lots of opportunities for stock taking and very much the idea of a call is unlike a more general declaration is to make sure we’re making progress. You know, we don’t want this to become shelfware, as many things become, and then you never look at it again. So that’s a thought process. Now, you know, people are going to make progress at different rates in different parts of the community. We’ll implement them in different ways. That’s why it’s voluntary. But we want to track and even go back to the parties who support these efforts and say, OK, well, what have you done? Not in an accusatory way, but in a way that just says, are we making progress? Thank you, Sparky.

Tereza Horejsova:
Thank you, Chris. Others? Liesl, yes? There you go. Stereo.

Liesyl Franz:
I think, well, first of all, I would say that I think the US government has had some input into as part of the concentric circles that Chris was talking about as far as the consultation about the conference and the substance of the call. So I’ll say this in my capacity and not necessarily prejudge or undermine anything we’ve said into the process. But one of the things that I think comes under the action B, the second bucket on effective capacity building, is looking at the ability for any particular country to absorb a certain amount of capacity building at any given time. Do they have the institution before they get a deluge of funding for something that’s sort of amorphous or doesn’t quite fit the need? So demand driven, but also tailored. enough to the recipient so that it can be effective and I think also sustainable. The other thing that we have been grappling with is that, to Sparky’s point, I think about the fact that foreign assistance and capacity building is often a long-term investment over time and takes time for the knowledge, skills, and institutions to develop before they can have the full impact that you want. But we have been grappling with more emergent or urgent response in some of the crises, I suppose, for lack of a better word, that we’ve seen in Ukraine and Albania and Costa Rica and so that might be an element of effective as well in the second bucket, although I would also think it could be captured in the third bucket as far as partnerships and coordination. Of course, I think everything relies on D, which is the financial resources, but even if those aren’t in text in the Accra Call, I think those are two things that we in the United States are looking at when we’re looking at these days as far as our strategic approach, our strategic outlook for some of the capacity building that we’re trying to do now.

Audience:
Thanks, Liesl. Thanks, Liesl. I’m all choked up, I’m all choked up. Others, please? Online, too, if people have comments. Yes, please go ahead, yes. Okay, my name’s Casey Rout, and Das Franz is actually my boss, so I’ll pose this to Chris so I don’t put her on the hot seat, but we had a conversation yesterday, and I’ve been kind of thinking about this a little bit more, and it goes. to be of a sustainable cyber capacity building. And so after the donors and trainers leave, you know, the countries need budgetary resources to continue, you know, the hardware, the software, the knowledge, the training. So how do we work, what’s your view on involving legislators in training them, having them understand the value of this so that they create the budgetary resources we need to really have sustainable capacity with cybersecurity and governments? And how do we better integrate them, whether it be through GC3B or other ways?

Christopher Painter:
Yeah, look, I think that’s a big issue. And that goes to the political will and the sustainability point. So, you know, there are two aspects of that. One is getting the country buy-in at a legislative and leadership level. And I agree that maybe those are some things we can work into this. Another is, you know, under that last bucket, unlocking the financial resources. You know, there are a lot of financial streams that are available and used in the development community. And there are models the development community uses to measure sustainability, to make sure that their dollars and pounds and pesos and other things are, yeah, are actually well spent. And it’s, you know, not just one off. So I think there’s a lot we can learn from the development community, too, in terms of the tools they use. So for example, one of the things that we’re thinking of having as one of those action items is to identify and employ the full range of financial streams available for financing of national cyber resilience activities, including international development financing, domestic resource mobilization, which really goes to your point, private sector, incorporation of cyber resilience and integrated national financing frameworks. And that’s exactly your point, I think. So it’s not just an add-on or like some boutique little bubble over here. It’s actually part of the larger plan. So I think that’s the kind of wording we’re thinking about now,

Tereza Horejsova:
but I think that helps put that into some relief. So thanks for that. And I’m really glad that we are talking about the, you know, practicalities connected to budgets and money, because also, as Chris pointed out, But I mean, no one has enough money, budget, no one.

Christopher Painter:
If you could all leave a check on the way out, that would be helpful. No one has enough people. Mike, you just leave your credit card and your pin and we’ll be fine.

Tereza Horejsova:
Yeah, that’s why it’s a little bit also makes the situation inefficient. And we should make sure that the resources are used efficiently, which wouldn’t be necessarily happening if we do not connect these two communities, but also if we do not connect more on kind of coordinating cyber capacity, building support globally, which is kind of the main raison d’etre of the GFC. Because we do have a speaker online and because she is online, I don’t want to kind of put her in the shadow. So, Pua, please give us a sign if you want to chip in. Otherwise, we will continue the discussion in the room. And I also know we have – okay. So, yes? No? Sorry. I know we have one comment online from Alan on Southeast Asia. So, please go ahead now. Okay, we cannot hear you. Hello, good morning. Can you hear me now? Yeah, and maybe let’s remove the slides so that we can see you properly, Alan. Thank you. Yes, good morning, everyone. Yes, the GC3B Conference on Cyber Capacity Building.

Allan Cabanlong:
This will inspire other regions and leave with a renewed commitment for global cybersecurity cooperation. So, it’s very important for Southeast Asia, not just the Pacific as well. in other regions so that they will be inspired to globally engage with other regions as to capacity building efforts and share insights and ideas and good practices in that they can learn in the GCTP. And I would also take this opportunity to invite everyone next week in the GFC regional meeting in Singapore during the Singapore internal cyber week. And this will be again discussed there during this, I mean next week.

Tereza Horejsova:
Thank you so much. Thank you very much, Alan. And you know, if any of you are traveling to Singapore for the Singapore international cyber week, please let us know, you know, so that we make sure that you’re also part of the part of the conversation. Any other reflections either online or here in the room, please. Please go ahead. Hello everyone. Sorry.

Allan Cabanlong:
My name is Guus van Zwolle and I’m with the Dutch government and we are very supportive of course of the GFCE. They’re run by our colleagues at the same team. We recently as the Netherlands have published our new international cyber strategy where we also lay a big layer foundation of our strategy is cyber capacity building. But we do tie it in it to also supporting countries that are receiving the cyber support to also adapt their regulatory frameworks in order to make sure that these cyber capacities are being run in a framework that’s with respect for rule of law, international human rights standards. And I was wondering what your perspective on that would be and if that would also be a part of the GC3B conference. Thank you very much. Yeah, I think, you know, there’s parts of any kind of declaration or call and one of them is sort of the preamble that sets it out and certainly respect for human rights.

Christopher Painter:
And, you know, we don’t get really get into the regulatory framework as much, but rule of law, yes. And then the action items are more, I think more tailored to other things. though there’s some of that mentioned there too. But that is certainly a goal. We want to integrate that better governance and respect for human rights. And this is like foundational to the GFC certainly too, going forward as we do this. And that’s indeed what the development community does too. So that’s another place where there’s a good nexus, I think. Thank you. Also- So Teresa, if you have thoughts, or Pua, if you have thoughts or- And Pua has thoughts actually. So Pua has thoughts. So a second attempt to connect you, Pua, please.

Pua Hunter:
Thank you, Teresa. Sorry. I actually wanted just to circle back to the comment earlier on from one of our participants here about the sustainability. So right, sometimes when our donors come and assist us with something and then they leave and there’s no continuity, we need to look at how we can resource ourselves properly so there’s sustainability attached to it. Also from the meeting last week in Nandi, participants were talking about these trainers coming into the country, into the country, so that there’s more of us to be trained at one given time rather than one person going to a regional or somewhere where the trainer is able to train many countries, but one or two from each country. So the idea is to bring the expertise and train more on the ground rather than one or two going out to be trained. Because the other issue with that is the knowledge learned from these trainings overseas may not be transferred back or appropriately transferred back in country. So again, those needs to be looked at appropriately.

Tereza Horejsova:
Thank you so much. Thank you. Thank you, that’s a very concrete suggestion there. Any other reflections, comments?

Christopher Painter:
I just want to say that I totally agree with that and we’ve seen that, so I’m not sure which, it fits under several buckets, but one place that we’re trying to reflect that now is under the third bucket of fostering stronger partnerships and better coordination. And one of the things we’re thinking of under that is a bullet or something that would say fostering the leadership of developing countries in coordinating CCB efforts in close cooperation with donors and others. So it’s not, it’s more locally owned as well, and I completely agree that just having a whole group of people descend on the country and then leave again doesn’t actually help in the long term. So you do want to have, you know, there’s another part in the last bucket where we talked about systemizing south-south and triangular cooperation. So again, it’s not just, you know, a whole bunch of people landing on your shores and then leaving again, but really kind of building this in more permanently. Kind of the train-the-trainers logics in that. No, thank you very much, Chris. Any other reflections? Please, go ahead.

Tereza Horejsova:
Thank you.

Audience:
Hi, Linda Maisels from the State Department. So I’m interested in de-conflicting between donor countries and how we can use the GC3B and GFCE as a mechanism for doing that. That would also involve not reinventing the wheel, so if there are tools that already exist that there’s no reason to do them again. How do we find them? How do we, for instance, use an existing tool like the Sybil Portal to make sure that we are not doing the same work over and over again? And how do we get donor countries to speak to each other?

Christopher Painter:
Thank you. And that’s the raison d’etre for why we were created is for that very purpose. And indeed, when we were in the Pacific, when we launched in the Pacific Hub, we had a sort of side meeting, which I guess we do every couple months of the donor countries. They are a core group of donor countries, which they found very—this has been at their request so that they can share information with each other. Now, you know, it’s never going to be perfect because countries have their own priorities and that’s the way the world works, and that’s fine. But I think they welcome the ability to share that information to find out what someone else is doing because sometimes it’s like, well, we don’t need to do that or we can join your efforts, right? And we were not—we don’t want the Accra call to create new, giant new structures. You know, that I think is not helpful. We leverage the structures we have. Many of you know, who’ve been following some of the debates in the OEWG, there’s this debate, should we create a new, you know, ecosystem? Well, why would you do that with the scarce resources you have when you need to leverage what’s there? So, for instance, under the coordination, the third bucket, one of the things we specifically say is utilize existing coordinating nation platforms like ours, for instance, to better coordinate and de-conflict and have the kind of donor dialogue that you’re talking about and strengthen them, you know, so make them more participatory, get more people involved in them. So, I think that’s what we’re trying to do. You know, take what we have, make it stronger, and be more effective with the resources we have.

Tereza Horejsova:
Thank you very much, Chris. And maybe just to add, because Linda also mentioned the Sybil portal, you know, it’s available on sybilportal.org and it’s kind of a resource where we try to map various cyber capacity building projects. globally, it’s possible to, you know, filter on specific regions, specific country, and, you know, get the information on already implemented or currently ongoing projects. And why is that important? Because to be able to plan, let’s say, a new activity in a specific country, it is kind of a good idea to build on what others have done so that there is, to the extent possible, a little bit less duplication of efforts and ultimately, again, more efficient use of the limited resources available for these activities. Any other comments or inputs? Susan? Please. Susan Garoé from our Pacific Hub, please go ahead.

Audience:
Thank you. Thank you so much. I’d like to also just say on what Linda has said when it comes to de-conflicting interests when it comes to donors. What we notice is that we’re living in an era where collaborations and corporations is a strength going forward. Going solo, an individual, is not effective anymore. And there are many reasons to it. And in the Pacific, one of the things that I noted is we are on different parts when it comes to cyber security. Some of us are more advanced. Some of us are just taking baby steps. And with this well-coordinated effort, we ensure that no one is left behind. And we make use of all the resources that we have. So that’s a plus on these types of platform.

Tereza Horejsova:
Thank you. Thank you very much, Susan.

Liesyl Franz:
Definitely a good comment there, if there are no other comments. So yes, Lisa, and then Chris, yes? Thanks. So this conversation has actually spurred a couple things for me that maybe to add to the thought process going forward. One is that, you know, we talked about in the video. And a lot of the conversations here have been about the cyber security efforts to address the risks and that there is a cost to doing so. But there’s also, I think, many benefits to providing cyber security efforts in the processes and digitization and digital transformation efforts that countries are going through right now. And I think finding a way to emphasize the positive because when we talk about funding or we talk about political will or we talk about, okay, funding or political will, those are pretty important. Sometimes it’s hard to say, well, we’ve got, we have to make this huge investment in cyber security for something may never happen. But I think perhaps changing some of that rhetoric to providing cyber security for the betterment of economies and digitization and investment in economy. That might be something to, if a development bank builds a bridge, it’s a positive, right? So maybe thinking about what the analogy is there for cyber. And then secondly, I really appreciated Pua’s comment about wanting to have the ability for training in country and on site so that it is well integrated into the, whatever phase of development that that institution, the country agency is in. But I think perhaps we can also talk about the various types of training or capacity building that can happen. and maybe thinking about it in stealing a page from the legal community, continuous learning or continuing education so that there’s a, you know, sort of fundamentals and then things that will help individuals even if they have to go somewhere else to get it. We know that not every, you know, cert for example can send all their people to a training and outside the country at any given time, but perhaps there are ways that individuals who have, you know, been trained in country can then take advantage of continuous learning opportunities going forward. Anyway, that’s just a reaction to a couple things that people have said here and if it’s able to be captured and there’s interest by others, then perhaps some way to think about it.

Christopher Painter:
So thanks for that. There are a couple of things that, you know, as I heard some of the comments, I just like to know. First of all, we welcome your continued feedback. Does the structure make sense? Are we missing a whole, I don’t think we are, but are we missing a whole group of things that we should be addressing? I think the comments I’ve heard would fit into those four buckets in some level. You know, to the question was asked by our Dutch colleague earlier, one of the proposed things we’re thinking of putting under the second bucket is professionalizing cyber capacity building community of practice with tools and guides to help stakeholders put into practice established principles, including human rights-based and gender sensitive approaches to CCB. So that is built into at least our thinking right now. It has to be put on paper and actually kind of wordsmith negotiated among folks, but that’s certainly there. And also this idea of doing a better job of creating tools where we can measure the results. And that’s where the development community is pretty good, you know, or at least I think they’re pretty good. They have these tools where they measure the result of our project, because that then helps them decide where they’re going to invest in. And the other thing they do well, which I think we need to figure out how to do, is to prioritize. One way is to link it to critical national resources. Big projects are going to make a big difference where cyber is going to be critically important. You know, figuring out how to prioritize too, I think will help too. and learning from each other on that. So those are some of the areas. But I’d say, again, we have a couple more minutes left. Do you have any input or things you think should be in there or thoughts? But also, welcome input afterwards. So you have four minutes, right? Four minutes, so take advantage of it. Structure, any one of these, any comment, any suggestion you’d like to see.

Tereza Horejsova:
And yes, it’s before lunch, so we respect that. And anyway, it’s time to wrap. But thank you very much, Pua, Alan, online for your support, Liesl, and Chris here in the room, and in particular to all of you online and on site. To those of you here in the room on your way out, we have prepared some more resources on GC3B and some goodies as well. So you might take it home with you. And as this is the last day of the IGF, let me also wish you very safe travels back home and see you around. Thank you very much. And I should thank you all for being here. I should just shout out to Teresa for organizing this. And Teresa has also been on the Multistakeholder Advisory Group for the last several years. And she’s rotating off that, so thank her for all her efforts in the IGF too. Thank you.