Successes & challenges: cyber capacity building coordination | IGF 2023

10 Oct 2023 02:00h - 03:30h UTC

Event report

Speakers and Moderators

Speakers:
  • Tereza Horejsova, Civil Society, Eastern European Group
  • Rita Maduo Badumeleng, Technical Community, African Group
  • Anatolie Golovco, Government, Eastern European Group
  • Claire Stoffels, Government, Western European and Others Group (WEOG)
  • Hurel Louise Marie, Civil Society, Western European and Others Group (WEOG)
  • Regine Grienberger, Government, Western European and Others Group (WEOG)
  • Hiroto Yamazaki, Government, Asia Pacific Regional Group
Moderators:
  • Calandro Enrico, Technical Community, Western European and Others Group (WEOG)

Disclaimer: It should be noted that the reporting, analysis and chatbot answers are generated automatically by DiploGPT from the official UN transcripts and, in case of just-in-time reporting, the audiovisual recordings on UN Web TV. The accuracy and completeness of the resources and results can therefore not be guaranteed.

Full session report

Claire Stoffels

The analysis reveals several key points about cyber capacity building coordination. Firstly, there is a lack of coordination among stakeholders, leading to diverging objectives, different approaches, and duplication of actions. This lack of coordination hinders the overall effectiveness of cyber capacity building efforts.

On the other hand, successful coordination requires an inclusive, demand-driven, and context-specific approach. Cyber security transcends many communities of practice, necessitating regional collaboration and a shared understanding of the specific needs and challenges faced by different regions.

Trust is identified as a crucial component for effective cooperation in capacity building. However, building trust is challenging due to the presence of different policy fields and institutions. Luxembourg, perceived as neutral and trustworthy, has played a role in relationship building by fostering trust among stakeholders.

Another challenge is the development of scalable models for coordination. Coordinating capacity building efforts sustainably is a significant concern. Establishing mechanisms that allow for the efficient coordination of efforts while adapting to different contexts and needs remains a challenge.

Furthermore, the analysis highlights the risks posed by a lack of coordination in cyber capacity building, namely duplication of efforts and the lack of coherence. Coordinating actions and sharing information across stakeholders is vital to avoid these risks and ensure a cohesive and efficient approach to capacity building.

The importance of multi-stakeholder approaches and partnerships is emphasized. Bringing together stakeholders from diverse sectors and actively engaging them in capacity building efforts can lead to more comprehensive and effective outcomes. Luxembourg has been successful in fostering multi-stakeholder approaches and partnerships, collaborating with the national cybersecurity agency and coordinating efforts across sectors.

The analysis also points out the benefit of using coordination platforms and practitioner groups in cyber capacity building. Luxembourg has joined various coordination platforms and practitioner groups, such as the GFCE and EU Cybernet, finding them beneficial in facilitating coordination and collaboration.

The D4D Hub is highlighted as a valuable platform for exchanging information, sharing best practices, lessons learned, and improving projects. Despite the challenges in gathering information, the hub serves as an important element in project inception and formulation.

Lastly, the analysis underscores the role of donors and implementers in promoting awareness, enhancing communication, and facilitating cooperation and knowledge sharing. Claire Stoffels endorses the idea that donors and implementers have a responsibility to play a larger role in capacity building efforts.

In conclusion, the analysis identifies the need for enhanced coordination in cyber capacity building. It emphasizes the importance of inclusive, demand-driven, and context-specific approaches, building trust among stakeholders, developing scalable models for coordination, and fostering multi-stakeholder approaches and partnerships. Using coordination platforms and practitioner groups, such as the D4D Hub, can also support information exchange and project improvement. Additionally, donors and implementers should take an active role in promoting awareness and facilitating cooperation among stakeholders.

Donia

The discussion revolves around the concept of capacity-building in the context of community development and technological solutions. Both participants agree that capacity-building should be seen as a comprehensive approach encompassing various aspects, such as community awareness, legal frameworks, and governmental policies. They argue that solely focusing on technology solutions is insufficient.

The speakers emphasize the importance of adopting a holistic approach to capacity-building. This approach should involve not only technological advancements but also community awareness, including educating individuals about the benefits and implications of technology solutions. They also stress the significance of developing legislative frameworks and government policies that encourage capacity-building, as these are crucial for creating an enabling environment for sustainable development.

The participants provide supporting facts, including questions posed by online participants, which demonstrate a concern for broader aspects of capacity-building beyond technology. They also suggest that capacity-building extends beyond the requirements of SDG 9 (Industry, Innovation, and Infrastructure) and SDG 11 (Sustainable Cities and Communities) to include SDG 16 (Peace, Justice, and Strong Institutions). This highlights the extensive scope and potential impact of capacity-building beyond immediate development goals.

Throughout the discussion, the sentiment of both speakers remains neutral. They present their arguments in a balanced manner, without expressing a strong positive or negative stance on the topic. This neutral sentiment indicates a willingness to engage in an open and constructive dialogue on the subject of capacity-building and its multifaceted nature.

In conclusion, the discussion underscores the importance of considering capacity-building as an end-to-end process that encompasses technological solutions, community awareness, legal frameworks, and governmental policies. The participants argue that capacity-building should not be limited to technological advancements alone. By addressing these diverse aspects, capacity-building can foster sustainable development, promote social progress, and contribute to the achievement of various SDGs.

Anatolie Golovco

During the discussion on cybersecurity, speakers emphasised the significance of the human element in protecting computers against cyber threats. They stressed the need for individuals with the right values, ethics, and technical skills to be involved in the field. Cybersecurity is ultimately about good people safeguarding computers from bad actors.

Insufficient coordination and a lack of clarity in project objectives were identified as challenges in implementing cybersecurity initiatives. When beneficiaries lose sight of project goals midway, misalignment in project delivery occurs. This issue can be compounded by competition among donors and a lack of clarity in defining project needs. To address this, speakers advocated for improved planning and better coordination among states. States should clearly articulate project needs and roles to donors, facilitating better alignment of objectives and successful project implementation.

One proposed solution involved a three-layer mechanism for effective coordination in cybersecurity efforts. This mechanism consists of a cybersecurity council, smaller groups for peer review, and the Ministry of Economy and Digital Development, each with defined roles. This approach was regarded as efficient and conducive to better coordination, ensuring project objectives are met. The role of clear policies formulated by the Ministry of Economy and Digital Development, which help translate plans into action, was also highlighted.

Another crucial aspect discussed was the need for a people-centric approach and a re-evaluation of the cybersecurity architecture. Reducing the complexity of tools and rethinking the overall architecture are necessary steps. Speakers emphasised the importance of focusing efforts on strategy rather than merely adding layers of security to a faulty system. There should be a substantial effort invested in rethinking the ecosystem to ensure effective cybersecurity.

Throughout the discussion, it was noted that adapting project timelines to accommodate the speed of learning and the dynamic nature of cyber threats is often challenging. Donors may face difficulties synchronising their contributions with the rapidly evolving needs of the field, resulting in a focus on acquiring tools rather than developing the individuals involved. Therefore, speakers called for a greater focus on the people in the cybersecurity process, prioritising their training and education alongside procurement of tools.

In conclusion, the discussion underscored the vital role of the human element in cybersecurity. It stressed the need for individuals with the right values, ethics, and skills, alongside improved coordination and clear project objectives. A three-layer mechanism, supported by coordinated policies, can enhance coordination, and a people-centric approach, along with a reassessment of the cybersecurity architecture, may lead to more effective protection against cyber threats. Speakers called for greater attention to be given to the development of individuals in the field, emphasising their training and education as essential components of cybersecurity initiatives.

Louise Hurel Marie

The analysis emphasises the importance of better understanding and coordination among countries when it comes to supporting capacity building in specific regions. It argues that in order to avoid duplication of efforts and overloading of recipient countries, a more coordinated approach is needed. The analysis also highlights the crucial role of political buy-in for the success and sustainability of cyber capacity building initiatives. It states that without the government seeing capacity building as a priority, it becomes challenging to gain traction and achieve desired outcomes.

Another key point raised is the need to break down cyber capacity building into more specific categories. The analysis suggests that traditional cyber capacity building, capacity building for crisis response, and capacity building for conflict or post-conflict recovery can be considered as subcategories. By doing so, it becomes easier to define and address the specific needs and challenges in each area.

Insufficiencies in coordination of capacity building efforts can lead to poor sustainability measurement, according to the analysis. It argues that donor countries and recipient countries may lack effective measurements for longer-term sustainability efforts. This can result in one-off efforts or effects, with impact measurement focused on specific projects rather than holistic outcomes.

In contrast, the analysis also highlights the positive impact of longer-term programs and sustainable recommendations in capacity building. It suggests that building a longer-term capacity building program in a region could enhance sustainability. Additionally, both donors and implementers could benefit from developing and adopting broader measurements of impact beyond individual projects.

Insufficient domestic coordination is identified as a potential challenge in capacity building efforts. The analysis points out that multiple departments within a single government may conduct different types of capacity building efforts, potentially complicating coordination. Recipients might also be overwhelmed by multiple offers and struggle to designate the appropriate point of contact. This lack of coordination can lead to complications and inefficiencies in capacity building.

The analysis recommends that coordination and trust-building between countries prior to crisis assistance can enhance the effectiveness of capacity building efforts. It states that countries that have provided assistance in a crisis often had a previous relationship, highlighting the importance of trust and prior coordination. Mechanisms such as Memorandums of Understanding (MOUs) and institutionalized responses, such as the European Union’s Permanent Structured Cooperation (PESCO) framework, are cited as examples that can increase the effectiveness of coordinated responses.

Crisis response is seen as an opportunity for countries to gain political visibility and set up new coordination mechanisms to enhance sustainability. The analysis mentions the establishment of the Center for Cybersecurity Capacity Building in the Western Balkans as an example of leveraging crisis response to create new mechanisms. It suggests that the crisis response capacity building type and the broader cybersecurity capacity building can complement each other depending on the context.

Progress is reported in international-level discussions on addressing cybersecurity issues. The analysis highlights the existence of working groups on incident response and cyber diplomacy as part of the Global Forum on Cyber Expertise (GFCE) platform. It also notes that different communities meet and discuss in informal settings at the international level, indicating ongoing efforts in addressing cybersecurity challenges.

Challenges still exist at the domestic level depending on the country and culture, states the analysis. It points out that different departments in the government may have varying understandings of cybersecurity. Additionally, community engagement varies depending on the maturity of a particular stakeholder group. This suggests the importance of considering context-specific challenges and cultural nuances when designing and implementing capacity building initiatives.

Civil society organizations and think tanks are highlighted as crucial actors in bridging different communities. The analysis emphasizes their role in involving as many stakeholders as possible during the planning and designing of specific projects. Their involvement can help ensure a more inclusive and comprehensive approach to capacity building.

The analysis also suggests including recipients in the design phase of projects. Providing a bigger inception phase, where stakeholders can engage and provide input, can help create ownership and increase the chances of successful implementation.

Lastly, the analysis calls for designing a typology that accounts for contextual considerations in cyber capacity building. It argues that the evolving landscape in terms of agencies, stakeholders, crises, and conflict or post-conflict situations should be taken into account. This would enable a more nuanced and tailored approach to address the diverse needs and challenges in different contexts.

In conclusion, the analysis underscores the importance of better coordination, political buy-in, and sustainability measurement in cyber capacity building efforts. It also highlights the need for longer-term programs, domestic coordination, and trust-building between countries. The analysis recognizes the progress in international-level discussions and acknowledges the challenges at the domestic level. Additionally, it emphasizes the role of civil society organizations and think tanks, as well as the involvement of recipients in project design. Overall, the analysis provides valuable insights for policymakers and stakeholders involved in enhancing cyber capacity building efforts.

Rita Maduo

The rapidly evolving and complex cyber landscape presents challenges in coordinating cyber capacity building projects. The difficulty lies in the constant need to update strategies and priorities in response to new technologies and their associated threats and vulnerabilities. This negative sentiment arises from the fast-paced nature of the cyber landscape, which makes coordination increasingly challenging.

Emerging economies like Botswana face additional obstacles due to limited resources. Adapting to the changing cyber environment is expensive, requiring substantial funding that may not be readily available. This limitation hinders the training of cybersecurity experts and the management of complex vulnerabilities, further exacerbating the challenges faced by these countries.

Insufficient coordination in cybersecurity efforts has negative consequences. It creates weaknesses in a country’s overall cybersecurity posture, making it exploitable by cybercriminals. Ineffectual coordination also leads to gaps and vulnerabilities, hindering the effectiveness of cybersecurity programs. Additionally, inefficient resource allocation is a direct result of insufficient coordination, leading to wasted resources and misplaced priorities. Overall, insufficient coordination limits the effectiveness of cybersecurity initiatives.

Effective information sharing is crucial for cybersecurity. Insufficient coordination hampers the sharing of threat intelligence between entities, making it more challenging to detect and mitigate cyber threats. Timely and accurate information sharing is essential for robust cybersecurity measures, underscoring the importance of coordination in this area.

A positive stance is taken, emphasizing the need for proper coordination among stakeholders for effective cybersecurity. Timely and accurate information sharing between stakeholders strengthens cybersecurity efforts and can only be achieved through coordination and collaboration. This positive sentiment highlights the significance of coordination in establishing robust cybersecurity measures.

Successful cyber capacity building requires a multifaceted approach and sustained commitment from all parties involved. Donors, implementers, and recipients must demonstrate ongoing commitment to achieve long-term success. The multifaceted approach includes embracing diverse perspectives and voices in cyber capacity building initiatives. By avoiding a stagnant approach, the positive sentiment emphasizes the importance of involving different stakeholders in cyber capacity building.

In conclusion, the summary highlights the challenges faced in coordinating cyber capacity building projects in the rapidly evolving and complex cyber landscape. Limited resources, insufficient coordination, and a lack of information sharing hinder progress in strengthening cybersecurity measures. However, the positive outlook emphasizes the importance of proper coordination, sustained commitment, and the inclusion of diverse voices in cyber capacity building initiatives. Addressing these challenges is crucial for enhancing cybersecurity globally.

Hiroto Yamazaki

The discussion on cybersecurity coordination explores the challenges that arise when multiple stakeholders are involved. One key issue is the presence of too many organizational stakeholders in cybersecurity, which hinders full coordination. This fragmentation of stakeholders is observed in various layers, including divisions between private and government entities, technical and policy experts, and different countries or regions. The lack of a unified approach and participation from all relevant organizations impedes effective coordination.

Another challenge is the difficulty in achieving full coordination due to the focus on bilateral cooperation. The Japan International Cooperation Agency (JICA), a key player in cybersecurity cooperation, bases its efforts on bilateral agreements between Japan and recipient countries. This approach requires JICA to align its initiatives with the recipient country’s own cybersecurity approach, strategy, and specific needs. While bilateral cooperation is important, it poses challenges in achieving comprehensive coordination across multiple countries and stakeholders.

However, it is stressed that respecting the recipient country’s ownership in bilateral agreements is crucial. JICA adheres to the policy of recognizing the recipient country’s authority and strives to follow their approach and strategy in cybersecurity cooperation. By acknowledging and respecting the recipient country’s ownership, JICA aims to foster a collaborative environment and ensure its efforts align with the recipient country’s priorities.

Inadequate coordination within JICA’s cybersecurity capacity building initiatives is identified as a problem, leading to negative effects such as reduced efficiency, failure to maximize development impact, and a lack of sustainability. The challenges stem from duplication of assistance, limited resources, an excessive number of resources, and isolated approaches to assistance. These factors contribute to suboptimal results and negative implications in JICA’s cybersecurity capacity building projects.

To address the lack of coordination, JICA employs two strategies: bilateral efforts and multi-stakeholder efforts. In bilateral efforts, interactions with Cambodian partners and organizations such as Cyber for Development are used to reduce duplication and enhance coordination. Additionally, JICA recognizes the importance of engaging multiple stakeholders, as evidenced by their technical cooperation project in Thailand, where they collaborate with ASEAN member states, the ASEAN Secretariat, and other donors. By incorporating multiple stakeholders in their initiatives, JICA aims to foster a more coordinated and comprehensive approach to cybersecurity capacity building.

A noteworthy success is JICA’s technical cooperation project in Thailand. With the collaboration of ASEAN member states, the ASEAN Japan Cyber Security Capacity Building Center conducts training and contests, contributing to the overall improvement of cybersecurity in the region. This success story highlights the positive outcomes that can be achieved through effective coordination and collaboration.

Furthermore, the discussion emphasizes the importance of coordinating with multiple stakeholders or through bilateral interactions to maximize development impact. It highlights the need to reduce duplication and harmonize efforts through coordination. The significance of creating sustainable outcomes, such as establishing guidelines and training materials, is also recognized in the cybersecurity field.

While some sentiment expresses negativity towards the one-time training or meeting approach, suggesting it is not an effective means of achieving coordination, there is positive sentiment towards delayed or time-difference coordination. This approach allows for longer periods of interaction and enables donors to engage with recipient countries even after initial engagement has taken place.

In conclusion, the discussion on cybersecurity coordination sheds light on the challenges faced by various stakeholders in the field. These challenges include the presence of numerous organizational stakeholders, difficulties in achieving full coordination due to the focus on bilateral cooperation, and inadequate coordination within JICA’s initiatives. Strategies such as bilateral efforts and multi-stakeholder engagement are identified as potential solutions. The importance of respecting recipient country ownership, creating sustainable outcomes, real-time coordination, and employing more long-term approaches is also emphasized. By addressing these challenges and implementing effective coordination strategies, collaboration and impact in cybersecurity capacity building can be improved.

Calandro Enrico

The proliferation of cyber capacity-building efforts has resulted in challenges in aligning strategies, priorities, and activities among donors, recipients, and implementers. These efforts aim to improve cyber resilience and skills in the face of increasing cyber incidents, state-sponsored attacks, and cybercrime. However, the sheer number of initiatives has created difficulties in coordinating and harmonising these efforts.

To address these challenges, a roundtable discussion is being organised, involving representatives from various sectors, such as the Internet Governance Forum, government officials, civil society, technical community, recipients, donors, and implementers of cyber policy. The objective of this discussion is to assess the achievements and difficulties in coordinating cyber policy activities. The outcomes of this discussion will be formulated into a policy brief, which will serve as a guideline for stakeholders involved in the field of cyber capacity building.

In the realm of cybersecurity, it is crucial for project deadlines to adapt to the learning speed of the individuals involved. Human learning speed often falls behind the strict timelines set for cybersecurity projects. Thus, the focus should shift towards prioritising people and knowledge over rigid deadlines. This approach will ensure proper skill development and overall project success.

Political willingness and transparency are essential aspects of cyber capacity-building projects. Governments are investing substantial financial resources in these endeavours; however, political will from donors is necessary to secure funding. Additionally, transparency in the use of funds is crucial, as it provides stakeholders with an understanding of how the financial resources are being utilised.

Cyber capacity building not only serves as a means to enhance technical capabilities but also as a diplomatic tool to strengthen partnerships. It can be utilised to foster collaborations and build relationships between nations. This perspective highlights the multifaceted nature of cyber capacity building, extending beyond technical aspects.

The Global Forum on Cyber Expertise offers numerous mechanisms for improving coordination in cyber capacity building. These mechanisms include the Clearing House Mechanisms, regional donor meetings, and the publicly available Cybil Portal, which collects data and information related to cyber capacity building projects over the years. Despite these resources, there is a need for increased awareness and effort to enhance global coordination in cyber capacity building.

Inefficiencies and duplication of assistance can be avoided through effective communication and coordination. Examples from Cambodia demonstrate the importance of proper coordination in cybersecurity capacity building. The ASEAN Japan Cyber Security Capacity Building Centre (AJCCBC) serves as a coordination mechanism, hosting training sessions and facilitating collaboration among different organisations. Encouragingly, there is a desire for other donors to explore potential collaborations through the AJCCBC to improve coordination within the ASEAN region.

In conclusion, the influx of cyber capacity building efforts has led to challenges in aligning strategies and activities across various stakeholders. Coordinating these initiatives requires political willingness, transparency in the use of funds, and the use of available resources. Furthermore, there is a need for increased global coordination and effective communication to avoid duplication and enhance efficiency. The examples from Cambodia and the establishment of the AJCCBC exemplify the importance of coordination and collaboration in cybersecurity capacity building.

Tereza Horejsova

The coordination and effectiveness of cyber capacity building efforts face significant challenges due to a competitive environment and a lack of sharing. The competitive nature of the field makes coordination difficult, hindering cooperation and collaboration among actors involved in cyber capacity building. This leads to a lack of project continuity and a decrease in overall impact. Insufficient sharing of information and collaboration among stakeholders also contributes to problems, particularly with duplication of projects that overwhelm recipients and waste resources. Improvement is needed in the needs assessment process, which is currently time-consuming for individual projects.

The issue of projects being supply-driven rather than demand-driven is also prevalent in cyber capacity building. This approach fails to consider the specific needs and challenges faced by recipients, resulting in projects that may not fully meet their requirements. To address this, it is important to listen attentively to the needs of recipient countries and take their unique circumstances into consideration.

Various approaches and platforms have been suggested to enhance coordination and effectiveness in cyber capacity building. The Global Forum on Cyber Expertise (GFCE) serves as a valuable platform for dialogue, information exchange, and networking among actors involved in cyber capacity building. The GFCE’s Clearinghouse mechanism matches government needs with the right implementers and donors, while the Cybil portal aids in project mapping, improving coordination and resource utilization.

A sustainability outlook is crucial for lasting and effective impact in cyber capacity building. Projects lacking sustainability may provide quick fixes but not long-term impact. It is necessary to consider the goals of sustainable development and ensure projects contribute to them.

Connecting the development community with the cyber community is also important for improved efficiency and better solutions in the future. Learning from the development community’s expertise enhances cyber capacity building efforts and outcomes.

Promoting openness and increasing communication among stakeholders plays a vital role in enhancing coordination. Transparency, sharing best practices, and facilitating information exchange allow stakeholders to work together effectively.

To overcome these challenges, it is crucial to improve coordination through platforms like the GFCE, listen attentively to the needs of recipient countries, promote dialogue and exchange between the development and cyber communities, and foster openness and increased communication. These measures will contribute to more efficient and sustainable outcomes in cyber capacity building.

Regine Grienberger

The analysis examines various aspects of cyber capacity building and explores the challenges and opportunities associated with it. Germany acknowledges that cyber capacity building is a relatively new topic within its foreign office. They recognize its significance as a diplomatic tool to strengthen partnerships and ensure stability in cyberspace. However, one of the primary obstacles is the difficulty in securing funding for such projects. This is largely due to budget restraints and the need for political willingness, which in turn depends on risk awareness.

While funding is crucial, it is not the sole factor in implementing cyber capacity building measures. The analysis highlights the need for human resources with expertise in cybersecurity. Simply having financial resources is not enough; experts are necessary for effective implementation. The establishment of platforms, such as EU CyberNet, is essential for facilitating the identification and development of train-the-trainer programs, ensuring a skilled workforce capable of implementing capacity building initiatives.

Transparency in the investment of trust funds is lacking within the field of cyber capacity building. It is important to understand how the allocated funds are being utilized and what outcomes are being achieved. This transparency ensures accountability and can help in identifying areas for improvement and learning from past experiences.

Understanding the needs of recipients is crucial for a successful cyber capacity building project. This understanding often begins with the development of cybersecurity strategies. Expressing and admitting these needs becomes a starting point for effective collaboration and assistance.

Coordination plays a significant role in the implementation of cyber capacity building initiatives. However, it is important to note that coordination should not favour certain recipients. In development cooperation, there are instances where some recipients are given preferential treatment, while others may be overlooked. Overcoming this bias is essential to ensure fair and equal distribution of assistance.

The analysis also emphasizes the importance of regional cooperation in addition to global cooperation. Mechanisms should be developed that foster collaboration among neighbouring countries, enabling them to assist each other in addressing common challenges in cyberspace.

The field of cyber capacity building should be viewed as a two-way street. It should not only focus on the traditional donor-recipient relationship seen in development cooperation. Instead, it should encourage mutual learning and knowledge sharing between all parties involved to create a more comprehensive and conducive cybersecurity environment.

Digital development cooperation should include cyber capacity building as it is integral to digital transformation. Enhancing the skills and capabilities of public administrations as they transition into the digital realm requires a strong focus on cybersecurity. This includes providing the necessary hardware and software to ensure robust cybersecurity measures are in place.

In conclusion, the analysis highlights various aspects of cyber capacity building, including the challenges of funding, the importance of human resources, the need for transparency, understanding recipients’ needs, the role of coordination, the significance of regional cooperation, and the integration of cyber capacity building into digital development cooperation. These insights provide valuable considerations for policymakers, funders, and implementers in their efforts to build strong and secure cyber capabilities.

Audience

The Budapest Convention plays a crucial role in cybersecurity by providing a legal basis for capacity building programs. These programs aim to ensure consistency and sustainability in equipping countries with the necessary knowledge and skills to combat cyber threats. A key feature of these programs is their emphasis on localized training, where trainees become trainers themselves, cascading the knowledge to others. This localized approach expands the reach and impact of capacity building efforts.

The Budapest Convention also highlights the importance of South-South Cooperation, where individuals from different regions participate in the capacity building program. For example, an African judge in Ghana may train judges in Kenya, fostering collaboration and knowledge sharing. This approach strengthens partnerships and promotes a collective response to cybersecurity challenges.

Regional cooperation plays a vital role in capacity building as well, facilitated by the Budapest Convention. Countries, such as Albania and Montenegro, collaborate to collectively address common cybersecurity challenges, sharing resources and expertise. This regional approach enhances collaboration, stability, and the effectiveness of capacity building initiatives.

The establishment of a point of contact in each country, compliant with international law, is strongly advocated. The 24/7 network provided by the Budapest Convention ensures a stable point of contact, enabling effective coordination and communication during cybersecurity incidents. This promotes international standards and legal obligations.

While a separate legal basis for capacity building programs is not immediately necessary, better utilization of existing legal frameworks is recommended. Utilizing existing treaties that already have capacity building programs ensures sustainable and coordinated efforts.

Donor countries have a significant role in supporting capacity building. Drawing lessons from past development experiences can enhance demand-driven capacity building in cybersecurity at the national level. By leveraging these experiences and knowledge, countries can improve their capacities and contribute to international cybersecurity goals.

Overall, the Budapest Convention serves as a foundation for capacity building programs in cybersecurity, promoting localized training, South-South Cooperation, and regional cooperation. It emphasizes the establishment of stable points of contact and the utilization of existing legal frameworks. Donor countries can improve capacity building efforts by learning from past experiences and improving capacity at the national level, ultimately contributing to global cybersecurity goals.

Session transcript

Calandro Enrico:
Thank you. Good morning, ladies and gentlemen. Welcome to a new session, a roundtable on the successes and challenges of cyber capacity building coordination. So today we’ll tackle these issues of cyber capacity building, and we’ll focus on the key areas of cyber capacity building, which is cyber resilience, as well as cyber skills and competencies, which is the coordination of efforts aimed at enhancing cyber capacity building. So in a world where, as you know, state-sponsored cyber attacks, cyber crime, and cyber incidents are proliferating, governments, governments, and governments are allocating substantial resources and funding to bolster cyber capacity building. Developing nations are receiving vital support to fortify their cyber defense capabilities, encompassing the ability to detect cyber threats, promptly report on cyber incidents, and respond effectively to cyber attacks. However, with the proliferation of cyber capacity building efforts has emerged as a challenge. The task of aligning strategies, priorities, and supported activities among donors, recipients, and implementers in the realm of cyber capacity building has grown increasingly intricate, and we’ll try to discuss all these things today. So our session aims to explore both the achievements and difficulties associated with coordination in the cyber policy area. Today we are privileged to be joined by a distinguished panel representing not only the We have a number of speakers from different regions of the world. We have various actors from the Internet Governance Forum space or government representatives, civil society, technical community, but also actors from the cybercapacity building community that are defined somehow in a slightly different way, because we have got recipients, donors, and implementers. And our speaker also from different regions of the world. So, we will start with the first part of the presentation.
We will explore what are the repercussions of inadequate coordination in the field of cybercapacity building, and we will share what are the existing mechanisms designed to enhance coordination in this sphere. And then we will identify what actions can donors, implementers and recipients take to improve the coordination of cyber capacity building efforts. And of course, most importantly, we hope that many of you in the room will participate in the discussion, and we hope you will share also your own experiences and recommendations for enhancing coordination mechanisms in this cyberpolicy area. We also would like to prepare at the end of this session a policy brief, which will be shared with many stakeholders in this area. The Global Forum on Cyber Expertise, the German Agency for International Cooperation, other agencies dealing with international cooperation and cybercapacity building, the European Commission, recipient nations, implementers, and ongoing projects and initiatives. So, without any further ado, we can start the conversation. So, I will let all panelists to briefly introduce themselves when answering the first question, and I will simply go in the order of the table. So, let’s start with Rita. Thank you for joining us. So, can you tell us why it is difficult to coordinate cybercapacity building projects from your perspective?

Rita Maduo:
Thank you so very much for the question, and it’s really a pleasure to be in this forum today to share my views pertaining to capacity-building projects. First of all, I’d like to introduce myself. My name is Rita Maduo Badumeleng, and I work for the Botswana National CSIRT. I’m actually a CSIRT respondent. Before I can jump into your answer, I would also like to emphasize what really cybercapacity-building encompasses, right? Cybercapacity-building, it actually encompasses all initiatives that actually drive towards the development of necessary skills, necessary capabilities, as well as the infrastructure that will ultimately or effectively address any cyber security challenges. Now, to go back to your question, why is it difficult to coordinate cybercapacity-building projects? One pressing issue that ultimately affects both developing countries and as well as developed countries is actually the rapidly evolving cyber landscape and its complexity, right? We are living in a tremendously evolving technological era whereby we are seeing the emergence of new technologies, and these technologies are, however, taken advantage of by threat actors, so in such cases, we are seeing emergence of sophisticated threats, sophisticated vulnerabilities. Now, therefore, in this dynamic… So, I think it’s important for us to understand that, you know, when we are talking about this dynamic environment, it rather becomes a challenge in coordinating, especially in reference to, like, strategies and priorities.
There are strategies and priorities that are implemented to address issues that come with this, that are actually a challenge, but it’s also a challenge in terms of, like, how we are going to implement these strategies or policies rather is a challenge because of the dynamical, the dynamic environment, and this, however, especially for us developing countries, for example, Botswana, it’s rather expensive in the sense that in order to, like, be agile or keep up to speed with addressing these issues, it requires a lot of training, a lot of, like, training in terms of, like, how we are going to manage these complicated vulnerabilities. It requires a lot of funding. It requires a lot of, like, training cyber security experts in order to, like, try and keep up with these emerging challenges. So, it requires a lot of training in terms of, like, how we are going to manage these issues, and it requires a lot of training. So, we lack capacity in the sense that we do not, there is no, like, tailored training that is actually intended for different aspects of cyber security. So, those are one of the pressing challenges. So, in essence, complexity and rapidly evolving landscape, as well as resource constraints, are a challenge, especially for emerging, for developing countries such as Botswana. Thank you.

Calandro Enrico:
Thank you very much, Rita. I think it’s clear that there is a need of support, so there’s no doubt of that. And because of these complexities and evolving cyber threats, and some organizations are also trying to improve the complexity around the coordination of these efforts for supporting countries like Botswana. So, for instance, Tereza, one of the main goals of the GFC is somehow to support coordination. So, what’s your take on that, difficulties and everything else and challenges?

Tereza Horejsova:
Yeah. Thank you, Enrico. Thank you also, Rita, for setting us up with some really excellent points. Good to be here. So, my name is Tereza Horejsova, and I’m from the Global Forum on Cyber Expertise, the GFC, working mostly on our regional hubs and regional efforts. And building on what you said already, I will try to provide a little bit more, yeah, maybe frank assessment why it is difficult. Frankly speaking, this is the cyber capacity building efforts. It’s quite a tough and very competitive environment. That’s why, you know, for kind of all the actors involved, be it the donors, be it the implementers, or being the recipient countries, kind of the intuitive answer is that less sharing will mean more projects, will mean maybe more control about what type of projects are delivered, and so on. And that’s… a problem, as we will get later to why it is a problem, because when we are in a situation that there is not enough sharing, that also means that one project does not build on another project. We do not connect the dots as we should. So that’s why it is difficult to coordinate. We also, and you pointed to it a little bit, Rita, that in many cases it’s very supply-driven, the capacity building support that is being provided, rather than demand-driven. So I still think there is a lot of room for maneuver in listening to the recipients of cyber capacity building support on what their needs actually are, rather than presuming that we, on the other side, know what the needs are. Thank you.

Calandro Enrico:
Thank you very much, Tereza. I think it’s very interesting to highlight this issue of the competitive environment. There is a lot of competition, actually, and it’s clear, really, also working from an implementer point of view, because I’ve been working for a project delivering cyber capacity building, and it’s clear to see that there is competition, because the funds, even if they are there, available from a number of sources, are also somehow limited, because these projects also require a substantial amount of funds to really deliver on the promises. That’s also the reality. So Claire, then, from your perspective as a government representative, what do you think about the complexities and challenges of cyber capacity building coordination?

Claire Stoffels:
Thank you, Enrico. Hello, everyone. My name is Claire Stoffels. I’m the Digital for Development focal point at the Luxembourgish MFA, and within the Directorate for Development, Cooperation and Humanitarian Action. So first of all, I wanted to thank you very much for inviting me to participate in this panel on this really relevant topic, on which I hope I can share some useful insights with you from a donor perspective. So from my experience I can definitely say that cyber capacity building coordination is lacking amongst stakeholders, that we face a lot of challenges when attempting to coordinate notably diverging objectives, approaches, duplication of actions. There are however a number of positive efforts that have been undertaken which I will get to a little bit later. But first of all cyber capacity building coordination needs to be driven by several parties from within, meaning it requires really an inclusive, demand-driven and context-specific approach by which ownership is fostered among stakeholders at both national and regional levels in order to create sustainable change. I think this encapsulates really a key challenge in cyber capacity building coordination efforts. So as I said, it requires a regional approach and because it transcends so many communities of practice from technical incident responders to cybercrime police to civil society educators, it’s really challenging to gather all relevant parties around the same table. But beyond getting everybody to sit at the same table and to actually discuss, one needs to also recognize that the success of cyber capacity building coordination processes is contingent upon operationalizing the consensus at international level and reflecting that in national policies and practices in a way that aligns with national and regional socioeconomic and security priorities. Then another essential component to cyber capacity building coordination is trust.
So it sounds very basic but trust is definitely a necessary component for practical cooperation between stakeholders. However, trust can be challenging to establish when working across so many different policy fields and institutions. And trust can be built through transparency and accountability. And I think Luxembourg has historically been perceived as neutral and trustworthy. And this has definitely had a positive effect on relationship building and developing different initiatives in the cyberspace. And finally, one of the biggest challenges that I’ve encountered in the past year has been the development also of scalable models to establish mechanisms to coordinate capacity building efforts. And this is basically how it comes down to how a project can be developed sustainably in the future.

Calandro Enrico:
Thank you. Thank you very much, Claire, for highlighting the requirement on an inclusive approach. Success contingent also to consensus at an international level that that needs to be translated in national policy, also on possibly coordination of cyber capacity building projects. And then trust. Trust is so important, right? Trust in cyber security is a world recurring theme across so many issues and also on cyber capacity building. So thank you for that. Anatolie, what’s your take on the challenges on cyber capacity building coordination?

Anatolie Golovco:
Hello, everyone. I’ll try to oversimplify things. So cyber security, from my perspective, it’s about good people who are protecting computers against bad people. So the main goal is to teach that good people to have the right value, the right ethics, and to be able to have the right skill to do the engineering of the process. So the fundamental problem is to deal with people. It’s difficult. It’s hard to plan. It’s not like building a construction or a road. You have to adapt to the speed of learning of people. of the people that you have in charge to cybersecurity process. So what’s happening very often, the donors have the timeline for the project, and they can’t adapt to the speed of learning, to the speed of the humankind. So they’re starting to buy tools. They’re buying more and more sophisticated cybersecurity tools. It’s easier to manage the project in this way, but you miss the main purpose. So you miss the humankinds who are fighting against, let’s say, the defects in the cyberspace, in the engineering of the cyberspace. So paying more attention to the people in the process, it’s the main thing that can help with this complex puzzle. Thank you.

Calandro Enrico:
Yeah. Thank you. Another key issue, so this issue of the timing of the project. Sometimes you don’t give enough time, actually, to a project to allow to reach, in terms of improving skills, because the learning curve might be slower. But there are specific requirements, especially from a donor perspective. I think the recommendation of actually focusing more on the people and how much they can learn in how much time would be probably a better way of approaching a project, rather than having very specific and strong deadlines. So probably from a donor’s perspective, unfortunately, that doesn’t always work. But we can try to discuss that a little bit more. Hiroto, from JICA, another donor organization and dealing also with international development, what do you think about the challenges?

Hiroto Yamazaki:
Thank you very much, Enrico. I’m Hiroto Yamazaki, Senior Advisor on ICT and Cybersecurity at Japan International Cooperation Agency, JICA. So JICA is an official development assistance agency under Ministry of Foreign Affairs. So in the last five years, JICA has been involved in bilateral technical cooperation related to cybersecurity, mainly in Asian region. So over the past five years, actually, the technical cooperation has been implemented in Vietnam, Indonesia, Cambodia, Philippines and Thailand and so on. So today I would like to share our experience from the JICA’s activity. So I have three points on the difficulties on the JICA. So first one is that there are simply too many organisational stakeholders to coordinate. Some of them may not be globally identified, which makes coordination difficult. So cybersecurity has many communities divided into several layers, such as private versus government, technical and policy, and country or region. So in some cases, discussions among development partners do not include the communities of specialized security organisations, such as FIRST or APCERT and so on. So in addition, not all organisations participate every time. So even when a group or organisation coordinates something, there will always be the organisations that are not included, so making it impossible to fully coordinate. So I have some examples. So JICA attends the regional coordination meeting. So since 2009, Japan and ASEAN have established a framework of the cybersecurity policy meeting and working group. So this meeting is held four times a year. So at the meeting, capacity building session is held to share what kind of capacity building each organisation is implementing and to exchange our opinions. So this works well, but generally we cover the cooperation for government agencies, but does not include the support from civil organisations, private companies and international organisations, such as FIRST or APCERT, except for the JPCERT Coordination Centre. Sorry, I have a lot of example, but time is almost up, so I have one more reason. So we are the bilateral cooperation agency, so our cooperation is based on the bilateral agreement between Japan and the recipient country. So even if we could coordinate something with other development partners or donors, we still basically have to try to follow the recipient country’s approach, strategy, and their needs by respecting recipient country’s ownership. So sometimes it makes it difficult to coordinate. Thank you very much.

Calandro Enrico:
Thank you. Thanks a lot, Hiroto, for highlighting the number of stakeholders that actually a donor organisation is supposed to coordinate. But I think it’s a very interesting mechanism, what you described, the regional coordination meeting, I think that could help. Also, as you said, including all stakeholders might still be challenging. Louise, from your perspective, that I believe it’s primarily academic, what’s your experience and your take on the challenges on cyber capacity building coordination?

Louise Hurel Marie:
Thank you very much, Enrico. My name is Louise Marie Hurel. I am a research fellow in the cyber programme at the Royal United Services Institute. So for those of you who don’t know RUSI, shorthand, it’s a security and defence think tank based in London, but we work globally across different regions. And my own background, I worked in think tanks and mostly focusing on Latin America and the Caribbean. So hopefully, I’ll be talking from that regional perspective, but maybe also talk a little bit more, as Enrico mentioned, from a more scholarly academic perspective. So as a person that has been in the position of being an implementer in many ways of different capacity building initiatives, thinking that implementation is not something that’s only conducted by different governments, but all different stakeholders have a place of implementation when it comes to cyber capacity building initiatives. I think what I’ve observed in the past couple of years is that, you know, we use the term cyber capacity building, but in fact we’re talking about evolving mechanisms, right? So there are MOUs that should be in place so that governments can then activate it and build an agenda bilaterally. We’re talking about multi-sided kind of multi-donor funds that are being established. We’re talking about, you know, coordination among civil society organizations that are working in conducting cyber capacity building and academia, the private sector, and other colleagues at the international level also kind of developing agendas on that. So I think I have three key points. What I have observed as well in terms of the context is that, you know, many donor countries are in the second or third wave of developing programs for capacity building, so they are also restructuring the way in which they’re doing and establishing, let’s say, funds within the government, so which departments you need to bring together.
So I think that’s something quite interesting, but while you see like, for example, the GFC, the Global Forum on Cyber Expertise, has a Cybil portal where you map all of the different, let’s say, capacity building initiatives that are publicly kind of recognized, you know, while we see lots of programs, coordination doesn’t necessarily mean that, you know, that’s something that’s necessarily there. But the first point that I would say is that I think there needs to be a better understanding of, like, how coordination happens amongst countries that are willing to support. So from a supporter perspective, one big challenge of coordinating investments in a particular region, right, so I think there’s some countries from a donor perspective that would be more interested in some regions and some more in others, and whenever there’s, you know, no coordination among them, it’s very hard to see, you know, you have one country that’s receiving from multiple other countries, so how do you actually make sense that you’re not overloading the recipient country, because they also have to coordinate amongst themselves. So I think, you know, duplication is something that we really need to think about. The second point is really domestic buy-in, as a person that has… as I said, worked in Latin America for many years. Political buy-in is something that’s quite fundamental. So if you don’t have political visibility over these capacity building programs, it’s very hard to ensure sustainability of implementation, right? You might have a civil society organization or a think tank, as I used to work, trying to implement and bring visibility to cybersecurity capacity building, but then if the government doesn’t see that as a priority, sometimes it’s very hard to gain traction. So I think that is a very real challenge to thinking about coordination and sustainability.
And the final point is really, I think we need to break down the term cyber capacity building a bit for us to have a better conversation and more focused conversation. So maybe we might be challenged on the coordination element because we need to break that down. So I would break it down into at least three different sub categories as a good academic that I am. So there’s the traditional cyber capacity building, we’re talking about skills, we’re talking about longer term projects or short term projects that are looking at, let’s say more whole of society approaches. A second element could be CCB for crisis response. So for example, Costa Rica having to respond to a large scale incident, right? This is a very different context of thinking about capacity building and investment in a particular recovery scenario. And the third one is capacity building for conflict or post-conflict recovery, which as we’ve been seeing like in Ukraine, for example, it’s a whole different landscape of investment and also capacity building efforts. So I think we need to break down the discussion around capacity building into the context in which it is applied. It’s very different when we’re talking about peacetime and maybe conflict or crises triggered by a particular incident. Second, domestic buy-in, we need to ensure that there’s political buy-in. And third, coordinations amongst countries that are willing to support given regional priorities for each of them so that we don’t duplicate efforts. So these are my three points.

Calandro Enrico:
Thank you. Thank you very much, Louise. Many interesting and thought-provoking points, and especially I think also on having a little bit more of granularity right on the term of cyber capacity building, because all these efforts of course have got different goals, and I think it’s a good categorization between skills, cyber capacity building for crisis response, and for conflict or post-conflict recovering. Regine, based on your experience as a cyber diplomat, what do you think about the challenges on cyber capacity building coordination?

Regine Grienberger:
Thank you, Enrico, and yeah, I’m Regine Grienberger, the German cyber ambassador. I would subscribe to almost all the elements that have been mapped out here as parts of the difficulties that we meet when coordinating cyber capacity building, and I would like to add perhaps four more. So the first one, also from a donor’s perspective, this is spoken from a donor’s perspective, it’s actually difficult to fund cyber capacity building projects. For us in Germany, this is, I mean, what is this, the 18th IGF, so I think there is quite a lot of time that has passed that we meet the needs, but in the foreign office it’s still a new topic, and it’s for us a new experience to really go into the details of cyber capacity building, but we realize that it is not only capacity building for the sake of increasing cyber security, but cyber capacity building is also a diplomatic tool to strengthen our partnerships, to strengthen the stability of cyberspace, and by thus also the security of us all. So it’s difficult to fund CCB projects because it needs a political willingness to do so, and the political willingness depends on the risk awareness and you know many people in the decision-making level of the Foreign Office for example are not as risk-aware as people you know in the basis like Rita described it from CSIRT. The second reason is of course budget restraints and then the third reason is that we have a very short-term planning, cameralistic planning for one year only and we have mid-term needs and even long-term strategies as you described when you broke down what is actually capacity building so our planning period is a little bit contradicting the recipients’ horizon. And then the last element that makes it difficult to fund is the deckability of the expenses. So because this is not always within the definition of what is then ODA, so Development Assistance in the definition of the OECD, we have to take it from other funds, other titles.
So another element that I would like to add to the difficulties is we need to free human resources to do that. It’s not about money only, it’s also we need resources experts. We have established an EU CyberNet which should be a platform to find an expert and also to develop train the trainers programs but this has really come out of the experience that we don’t have enough people to implement cyber capacity building measures. The third element is transparency. It’s what we need is a transparency and what we experienced is that for example when we invest in trust funds to fund cyber capacity building measures like with the World Bank we are really missing that kind of transparency that we understand what happens with the money and what do the recipients do with it. And the last element that I would like to mention here is what we are also needing to really coordinate effectively is we have to know the needs of the recipients which requires them expressing and admitting and expressing their needs and often it starts with the cybersecurity strategy that is missing that would give a structure to what are the needs in this particular place. Thank you.

Calandro Enrico:
Thank you, thank you very much Regine for sharing really from a donor’s perspective the difficulties to fund cyber capacity building projects. I think you touch upon the political willingness from a donor’s perspective and Louise said the political willingness from a recipient perspective. Sometimes there is a mismatch there and issues of transparency also very important because there is a need of understanding what’s happening with the money so probably you know having monitoring and evaluation mechanisms while the project is implemented could help that. And also a very interesting point that let’s not forget the cyber capacity building are also a tool, a diplomatic tool to strengthen partnership and working on security issues with other countries. So then let’s move on to try now to understand what can be the consequences of this insufficient coordination in cyber capacity building. For instance Rita from your perspective your organization the National CSIRT is primarily a recipient so if coordination is actually insufficient what are the repercussions for your own organization?

Rita Maduo:
Okay thank you Enrico for that question. As a member of the National CSIRT, I have had firsthand experience and exposure to the repercussions of insufficient coordination, coordinating cyber capacity building. So what we have identified or what we have come across is insufficient coordination ultimately leads to disjoint cyber security efforts, thus leading to gaps and vulnerabilities in the country’s overall cyber security posture, making it easier for cyber criminals and malicious actors to ultimately exploit such weaknesses within the cyber posture. And then another consequence could be there could be insufficient resource allocation. For example, if different or multi-stakeholders within a nation do not come together, coordinate towards cyber security capacity buildings, resources may be wasted or there could be duplicated efforts or there could be misallocated areas with less priority, and this inefficiency could ultimately limit the overall effectiveness of cyber security programs. And then with insufficient coordination, there is certainly limited information sharing, because effective cyber security entirely relies on timely and accurate information sharing between different entities, that is, between different stakeholders such as government agencies, civil sectors, or private sectors, or even international partners. So, if there is insufficient coordination, this can, like, hinder sharing of threat intelligence and then making it harder to detect and as well as respond to cyber incidents. Thank you.

Calandro Enrico:
Okay, thank you very much, Rita. Those are really, yeah, worrisome points because somehow it seems that lack of coordination could result in deteriorating the cyber posture of a country because it really touched upon issues of limited information sharing, increasing cyber vulnerability, so then the effect of cyber capacity building could be completely contrary to its final goals. Tereza, from your perspective, there are also some mechanisms at the GFCE, like the clearinghouse and others, so what are the repercussions of insufficient coordination between all these actors?

Tereza Horejsova:
Well, thank you, and I know I feel in an answer to this question we will be kind of reconfirming a lot what you have said, so yes, what are the consequences? Less impact than we could have and definitely insufficient use of the limited resources as several donors on this panel have already stressed, so there is a lot of duplication going on and if you’re a recipient, you might have got into situations that, yeah, the kind of same or very similar project was offered to you by various implementers, in some cases not knowing that this has been delivered, or donors trying to also support a project that might have been delivered in that given country too. Another maybe point worth mentioning is that we are often overwhelming the recipients, because if there is not sufficient coordination, imagine that for every single project an implementer would come and for instance would want to do a needs assessment for their particular project and needs assessment is so time-consuming and in this sense it’s very unfair to overwhelm already limited capacities for instance in a given country. So yes, it’s a bit maybe utopian to expect that if needs assessment is deliverable in your project that you would be sharing it with other implementers. I understand that this is like probably not a typical situation but I feel it is a topic that we really really need to talk about, yes, and do you want me to go to the mechanisms now or later? Yes, okay, perfect, so yes, I mean now sorry that I will be talking a little bit about the GFCE, the organization I represent, because you know for those of you not familiar we are kind of a platform for actors involved and interested in cyber capacity building, over 200 members from all stakeholder groups, and the main idea actually is exactly providing a platform that hopefully naturally will lead to more exchanges, more networking, more conversations about cyber capacity building.
A few concrete mechanisms that we have experimented with have for instance, and you’ve named it Enrico, been the clearinghouse mechanism which in practice means that let’s say a government would express a concrete demand or need that they have and we would try to kind of clear it through the richness of the network that we have at the GFCE, connecting to the right implementers, in an ideal case scenario connecting to the right donors. It’s not straightforward, for sure. I mean, the idea is probably good. The practice can be, of course, very complicated, but we feel this is an experiment that is worth playing with further. We also try to organize various donor alignment meetings in various regions, where we also try to kind of provide space for donors to come together and talk and kind of exchange notes. Again, it’s also delicate and tricky, and it is unrealistic to expect that also donors would come and share all their intentions and plans and strategies. But we feel that there is maybe some progress that is being done in this regard, and if the GFCE can have a minimal role in helping to facilitate the discussion, we would be very happy to continue doing that. Another mechanism that we have available for the community is the Cybil portal, which is available free of charge at cybilportal.org. And this is a space where we kind of try to provide mapping of what are the projects available for a specific topic in the field of cybersecurity, for a specific region of cybersecurity, for a specific country as well. So it’s possible to kind of filter and play around. The resource will be more valuable the more comprehensive it is. So, of course, I cannot say that we have 100% of projects everywhere covered. It also relies a little bit on the implementers and donors sharing with us this information so that we can feed it in the platform. And of course, it also relies on us and our agility to keep the portal as up-to-date as it can be.
So this can be kind of a basic resource to see, okay, let me see what projects in the field of, I don’t know, cybersecurity skills have been implemented in Botswana by whom? What was the angle? So it’s cybilportal.org. I also, of course, have to stress a little bit our regional efforts. So I talked about it a little bit, you know, that we really think there should be more of this demand-driven capacity building, and then it’s not something that should be happening kind of like from the headquarters somewhere, but being really much closer to the situation on the ground is essential, which we are trying to tackle through our regional hubs. And maybe to conclude, you know, a general mechanism, and also building on what others have said, Regine, you’ve been very frank in your response, is the kind of short-term, long-term planning, yes? If we have a project, you know, that is a quick fix on something, but we don’t have the sustainability outlook, you know, in a way it’s also not as impactful as it could be in the long term, which I feel is the common goal of all of us. So sorry, I took more time now.

Calandro Enrico:
Thank you. Thank you, Tereza, for sharing. So there are many mechanisms available from the Global Forum on Cyber Expertise, the clearinghouse mechanism, the regional donors meeting, the Cybil Portal, which is a great resource, because all the information is publicly available, you’ve been collecting data and information for a number of years, so you’ve got actually an historical perspective, and that’s really available for not only donors, but also for implementers, for recipients, and I think it’s a great way of increasing transparency for the broader global community dealing with cyber capacity building. So information is there, it is available, sometimes it’s a matter of making an effort. Interestingly enough, I believe that there are still organizations and donors that do not know, unfortunately, these tools, but I believe that those are somehow also the foundations to try to improve these mechanisms globally. So I really invite everybody in this room, if you are involved in cyber capacity building, to have a look at these tools before embarking in your next project, because that could really help you improve the coordination efforts. Claire, so from your perspective, what are the consequences of this insufficient coordination? And then I don’t know if you would like to talk about some of the mechanisms to improve the coordination.

Claire Stoffels:
Yes, I don’t want to repeat anything that’s been said already, the excellent points that were made. From a donor perspective, there’s definitely obviously a risk for duplication and lack of coherence because of the proliferation of actions in the cyber capacity building space. So therefore, coordination is essential to increase situational awareness and allows to learn if some of the needs identified in a country or that will be identified by the project have already been addressed by other CCB projects. So that’s why also platforms like the ones from the GFCE are essential, especially for countries like Luxembourg, where we don’t have as many resources to identify what’s being done, what’s being carried out by other stakeholders in the field. So I want to address some mechanisms. So I just said, as a small country, again, with limited resources, Luxembourg really has to foster multi-stakeholder approaches across sectors, not just in development cooperation. In digital for development, cyber capacity building is one of our main intervention sectors, and it’s a key priority really at national level, and it’s reflected in our policies, in our administrations, and in our private sector, and it really has trickled down into development cooperation, and we therefore, together with our implementing agency LuxDev as well as other actors, we fostered a lot of partnerships to carry out CCB, sorry, capacity building interventions. We’ve coordinated efforts with also our national cybersecurity agency in the framework of our projects, really because we try to identify which needs and gaps can be filled by different partners that we work with. At European level, Luxembourg is a founding member state of the Digital for Development Hub, which you might have heard of. So it’s a global platform that was launched by the European Commission in 2021, which aims to foster digital cooperation amongst EU member states to promote digital transformation in our partner countries. So the Digital for Development Hub works on different thematics and has basically different working groups dedicated to those thematics, which aim at fostering discussions and initiatives, among which cyber security. So Luxembourg shares the co-lead of this thematic working group with France and the European Commission, and the purpose of these working groups really is to provide a forum for information and best practices sharing and experience sharing between member states, and we try to involve as much as we can different external actors as well on a regular basis, and it has been more or less successful. So successful in the sense that it has created an informal forum for technical levels to exchange and share practices. Less successful in the sense that I would say that most European member states still have limited resources dedicated towards digital for development, and therefore I don’t think it has reached its full potential yet in terms of how much information, knowledge sharing and coordination capacity it could carry out. Allow me to share maybe just an example of how the cyber thematic working group can actually work in practice. So, the European Commission is currently formulating a new project focusing on Sub-Saharan Africa with one component on cybersecurity and one on e-governance. I’m happy to get into the details a little bit later. And in parallel, Luxembourg, we’re formulating a project at bilateral level with our implementing agency LuxDev and the African Union Commission with similar complementary actions. So our respective formulation teams, they are in contact now also with the African Union Commission and other stakeholders on the ground to ensure that both projects are actually complementary and make an efficient use of resources, that basically we don’t also duplicate needs assessments, that we can actually base ourselves on one single needs assessment, that we ensure that we have the same contact points within the African Union Commission so that we don’t, basically that they also feel that we are coordinated on our side and that it’s not going in every direction. So we were able, basically as I said, to share this information and our respective objectives through this thematic working group, which is, I think, quite a good example of how that can actually work in practice. And then Luxembourg has also joined other coordination platforms or practitioner groups such as the GFCE, the EU CyberNet as well, which is a great platform as well, and those have proven to be very beneficial, again, for a country where we have limited resources dedicated to D4D and small administrations to carry out these initiatives.

Calandro Enrico:
Thank you. Thank you very much, Claire, for highlighting some of additional efforts from the national and European perspective. Maybe not everybody is familiar with this Digital4Development Hub, which is this European Union mechanism between member states, where, as Claire said, they can share what are their priorities in terms of digital development and assistance to various countries. Of course, as you said, it’s got its own challenges, but it just started also in 2021. So I think it’s good and significant to see that there is an effort towards trying to improve coordination of these efforts. So thank you for providing concrete examples from that point of view. And of course, also the issue of national coordination and the problem with lack of enough resources, as also Regine highlighted before. So Anatolie, from your perspective then, what are the consequences of this insufficient coordination and can you highlight some of other mechanisms in place to improve coordination that maybe we do not know?

Anatolie Golovco:
Thank you. Yeah, I’d like to start with elaborating a little bit on what Tereza just said about the competition of donors. What I’ve seen in the last year since I’m serving my prime minister is sometimes the beneficiaries are losing the point, they are losing the scope of the project. So we see the project as a process, but we miss to remember why we started this project. Because you know, when the scope of the project is just to buy some hardware or software, it’s very clear. You have a shopping list, you split the shopping list between donors, you buy it, you put it in place and expect people to use it. It’s more complicated when you have people involved, because sometimes you don’t, you have for example training programme, but you don’t have enough brains to put that knowledge in, so you have a shortage of people to train. I can give you an example why it’s happening that sometimes the people don’t fit the projects in cyber we have. We had the discussion with the European Commission, especially on the topic of nationwide approach when we have to improve the cyber security in the region, in the local authorities, and I discovered that the same problem is not just in Moldova, the same problem is for example in Estonia because of this big decentralization of power, you have local authorities which have a big autonomy but in the same time with this autonomy they have to serve themselves, and what we discovered that the cyber or the IT in general in the regions is handled by private companies, so the Commission say we can’t invite non-public servant in trainings for cyber and we had now to find the mechanism to fit that employees of private companies who serve the infrastructure of the states in the regions and it’s not easy because you have to find the legal mechanism and to rebound the project scopes. So as I just told in my previous blog, to work with people is hard and when you have technical people is more hard because they are special.
The solution to that is obvious, you need a better planning but it’s not the planning that the donors have to do, it’s the planning that the state actors have to do in terms of making this wish list to the donors and yeah, that’s the solution. Regarding the mechanism, we developed in the last let’s say half year or maybe eight months, we developed the following mechanism. So since 2015 we have the discussion that the Prime Minister needs one single point of contact person in his office to be the window to the state. So they found that person, it’s myself and I organized the Council of Cyber Security in the Prime Minister’s office. And the vision of the Prime Minister, we are spreading across the institutions. We are spreading it to give the understanding what we wish to achieve and to give this clarity that sometimes is missing in all cyber security projects. Another mechanism that we have, it’s small groups. Because this council, usually it’s between 30, 50 people, and when you have in the same room 50 people all together talking, it’s not efficient at all. So that’s why we have this, the council usually it’s meeting every month. We have every two month meetings with a shift from different donors. Usually it’s happening in small groups. It’s around, I don’t know, five, seven people. And these small groups are delivering the peer review between projects and between activities of the donors. And it’s very, very efficient because they can adjust their steps in delivering the project. So after having all this, let’s say coordination and identifying what has to be done, it’s already our Ministry of Economy and Digital Development, or Economical Development and Digitalization. So this ministry, it’s putting all that in the policy and it became a law or a government decision to have it on paper, let’s say. So this three-layer mechanism is very efficient for now.
We’ll see how we’ll move with the critical infrastructure, because critical infrastructure is beyond the cyber security. And we’ll need extra coordination, because it’s a different profile when you have to take care about cables and other physical stuff. But yes. Thank you.

Calandro Enrico:
Thank you very much, Anatolie, for I think highlighting some very important issues. So I like the point on the need for a better planning, you know, not only from the donor’s perspective but also from a state actor’s perspective, right? Because sometimes, as we have highlighted also before, there might be some lack of transparency at that level. And I think some of the mechanisms that you have identified at the national level are really great and probably could be replicated also in other contexts. I like the small working groups because, of course, I believe that we have all been part of several working groups. So probably working with less people might be easier and more efficient, right? And then, of course, probably in your role trying to coordinate all these smaller groups, I think it’s something very concrete that other countries or mechanisms could actually try to replicate. So yeah, thank you. Thank you very much for that. And also I think the importance of another point of the recipients that are not only or always government officers but might be also private sector representatives. And that might create a problem of formality from the European Commission perspective because actually they cannot really directly support them. So the difficulties then from a recipient perspective of trying to find legal ways to let them understand that actually those are somehow acting as public sector employees because those are the people dealing with cyber capacity issues at the national and government level. So thank you. Thank you for that. Hiroto, once again, from JICA perspective, in terms of consequences of insufficient coordination from your experience, and what mechanisms did JICA put in place to improve that?

Hiroto Yamazaki:
Thank you very much. From the development agency’s perspective, so inadequate coordination in JICA is a problem in cyber security capacity building will lead to negative effects, such as the reduced efficiency, non-maximized of development impact, and lack of sustainability. So looking at the negative effects in more detail, we can see previous speakers already mentioned the duplication assistance, lack of the resources, or the too much resources, or the siloed approaches to assistance, and so on. And I skipped some other parts. But conversely, by promoting coordination and cooperation, it is possible to eliminate these negative effects. So I have two examples. One is a kind of the bilateral effort. The other is a more multi-stakeholder effort. So regarding the duplication of assistance, I have an example from Cambodia. So our project started in May this year. And this project included assessment activities for the national CSIRT. But it was discovered that the cyber for development had conducted already a few years ago. So in this case, since the project had not yet started, we had a chance to talk with our Cambodian partner and cyber for development. So then we decided to use the result of the cyber for development instead of conducting the same assessment so that we could reduce the duplication of the assistance. The other example is more about multi-stakeholder. So Japan, I mean the JICA, is conducting the technical cooperation project in Thailand. So there is a training center in Thailand that is called ASEAN Japan Cyber Security Capacity Building Center called AJCCBC, established in 2008 or something. So in this training center, we are coordinating with ASEAN member state countries and ASEAN Secretariat so that we conduct the training at least six times a year and also CTF contest to meet their needs.
So in addition to providing, in addition to training, provided Japanese training company or training institute, we also discussed with other donors or other partners. So this AJCCBC framework provided more training with, for example, the CISA of United States. So they provided some of the open source training evaluation, sorry, cyber security evaluation framework and also we have, now we are planning to provide more training in coordination with the FCD of United Kingdom and ITU and more other organisation. So through this AJCCBC programme, so this is kind of a training centre for ASEAN region, but also this AJCCBC has a kind of the coordination function to meet the needs of the ASEAN and also to reduce the duplication or something like that. So okay, that’s all, thank you very much.

Calandro Enrico:
Thank you. Thank you very much for sharing one concrete example of two projects collaborating in order to avoid duplication and also for sharing the existence of this centre, which I believe probably also other donors beyond ASEAN and those that you have mentioned could actually collaborate with in order to improve coordination within the ASEAN region. So I would invite everybody who’s working in that region actually then probably to get in touch with you and try to understand better how to work together in that, through that centre, because it’s not only a physical centre, but it’s actually a coordination mechanism. Yeah, Louise, same question for you. Insufficient coordination, and some of the mechanisms that you might have identified to improve coordination?

Louise Hurel Marie:
Absolutely, and we’re right at the last mile right now of the panel. Yes, I also don’t want to kind of say the same. I think we’re all biased over here. We understand very, very nicely the landscape and the challenges. But I think in terms of fragmentation of efforts, I would say that one of the consequences is really leading to poor sustainability measurement. And that goes from an individual, let’s say, donor or recipient country, but also from different donor countries trying to assess the landscape. I think we don’t have necessarily good measurements for longer-term sustainability efforts. I think we’re very good in measuring KPIs for an immediate project that you’re implementing. But once you’ve implemented the project, I think that longer-term element, because of so many other layers, I think Regine alluded to the bureaucracy of government and how sometimes it’s very hard to keep track of things beyond the financial year. So I think we need to be very realistic of how do we then build effective measurements in terms of sustainability over a longer period of time. Is that something that should be discussed in other forum internationally? Is that something that we should talk more about, be it at the ITU, be it at the UN, whatever works, of making those two communities meet, the CCB and the development community. So that also leads to a higher propensity of one-off efforts or effects. So you only measure impact in, like, I implemented a project, then you measure impact based on that particular project. So you don’t have a holistic view. And I don’t think that’s something that’s just applicable to donor countries or recipient countries, I think implementers as well, like civil society organizations, think tanks that are working on this. It’s having a bigger measurement of how do we actually see this as more than a one-off.
Is there something on the recommendations for you as an organization, and I can say from a think-tank perspective, right, having conducted CCB in different countries and also helped in the implementation, I think it’s like, how do you actually provide recommendations that are sustainable? Is it about developing a longer-term, you know, capacity building program in a region, right? So I think we need to think more about that. In terms of also other consequences from the domestic, domestically from the donor side, already alluded to this, so there are multiple departments dealing with different types of capacity building efforts within different governments. So one example, and it’s not to put the U.S. on the spotlight, but like for example with Costa Rica and the Conti kind of ransomware incident, you had USAID kind of providing some some support, and then you had now the Foreign Military Fund providing other types of support to Costa Rica, right, which shows that there are different parts of government that are doing different types of CCB. Whether they’re coordinating, and I have no insight into the particularities of the the U.S. government definitely, but I think from a person that has been observing from the outside and the public information that we see, I think this is something to consider, right, in terms of let’s say the consequences of insufficient coordination from a donor perspective internally. And then domestically from the recipient side, this can lead to really like overwhelming effect when recipient countries really have lots of offers. 
That is assuming a very good scenario where you have like a country that’s receiving, but from a crisis response CCB perspective, and going back to what I said previously, when you look at countries such as Montenegro, right, so we hosted RUSI, we hosted a discussion over at the open-ended working group at the sidelines on thinking about ransomware and requests for assistance, right, and we discussed with the colleague from Montenegro was talking about how when they were attacked it was very hard for them to actually designate one POC to respond to the multiple countries that were trying to support at that moment. So that is a good scenario where you actually have lots of countries wanting to support, but then you actually need to be realistic internally of whether you do have a POC, do you have a national cybersecurity agency that has the authority to do that. So I think there are lots of different nuances to thinking about coordination domestically. Domestically from the recipient side, from the donor side, and also from organizations that are trying to measure sustainability more broadly. Very shortly on mechanisms. So still sticking to my breaking down the discussion and the language and the terminology around CCB. I think more broadly as I discussed, you know, the mechanisms that we have for broader CCB are already out there. I think there are MOUs. For example, you know, Australia has done a very interesting work throughout the past couple of years of tying, you know, the Boe Declaration, you know, looking at the Pacific Island countries, then tying kind of like particular parts of, let’s say, funds to do training on CERTs within the region. So I think there’s like a sequencing of actions and there are MOUs that come before that that are renovated after a while. So I think, you know, these are things that have been working quite well in different regions. There are different experiences.
When it comes to crisis response mechanisms, I think there’s still a lot of experimentation on how government seeks to institutionalize this from, let’s say, Costa Rica, Vanuatu, PNG, and others. What, you know, just from a research perspective, what we’ve observed is that all of them have been preceded by MOUs, almost all of them. So countries that provided assistance in the context of a crisis already had a previous relationship. So we go back to the point on trust and how you actually have to build that trust before you actually conduct any kind of assistance. But there are other also evolving mechanisms, such as in the EU there’s the PESCO framework and there’s the cyber rapid response teams which is a way of getting particular types of countries within the EU to respond to a particular crises like cyber crises. So that’s still an experimental stage even though the PESCO framework has been there for a couple of years. I think this is a one way of thinking about how mechanisms can be explored within a group of countries. And finally when we’re talking about you know crises CCB I think we need we see some some mechanisms that kind of go back to the broader lens of CCB. So one other example that we’ve identified is that Slovenia, France, Montenegro they set up a center for cybersecurity capacity building in the Western Balkans in 2022. And that is an example of like Montenegro faced a very large-scale cyber incident, it was a ransomware, then they have received crisis response assistance and now they’re going back to like what are the mechanisms that we can build together to have a longer tail sustainable impact and how different countries can come together to actually institutionalize that.
So I think we need to see those different types of CCB as complement to each other depending on the context and I think that last example just shows that you can go from crisis response back to like a broader CCB lens and use the crisis response as an opportunity for that political visibility to set up new mechanisms. So hopefully you know that provides a bit of a an idea of the landscape based on this typology let’s say.

Calandro Enrico:
Absolutely, thank you. You touched upon so many important points, the issue of sustainability, trying to find also long-term sustainability mechanisms. Also from our perspective I think try to have a broader understanding of the impact so beyond the single project I think that would be great and I don’t think it exists unfortunately. I’m sure that all European funded projects somehow have to to demonstrate the impact but that really happens at the So I think, you know, I think that there’s a lot of work to be done on the project level but what about then globally, right, observing the impact of all these projects? What will be the result? Do they look at sustainability? So thanks a lot for that. And also some of the mechanisms and how, as you said, from cyber crisis we can actually then identify other more long-term kind of mechanisms on coordination. I think those are great examples, but I would like to ask you a couple of questions. I think we have the last one in our table, so is there anything else that you would like to add on insufficient coordination and some of the mechanisms that maybe Germany put in place to improve coordination in cyber capacity building?

Regine Grienberger:
Yeah, not to be repetitive, I would like to just throw some, you know, some ideas around and we see if we can follow up then in the discussion. So, I think, you know, I think that there’s a lot of work to be done on coordination, and I think it’s important to flag that there’s often a misunderstanding what coordination actually is. And I have to explain it also in my own system, that coordination does not mean telling other people what they should do. I mean, we have, for example, a very, I mean, a situation that is perhaps not very easy to explain, but I think that, you know, we have to, you know, try to, you know, try to, you know, so come up with a project, so this is a way of establishing a cyber capacity building project that is not, that cannot be coordinated in the same way that’s something that, you know, when you start with a white sheet of paper and just, you know, map it out according to the needs of the recipients. So, you know, I just go to the coordination meeting and tell them, okay, that’s what I’m going to do, because there is no leeway on my side to do something different, to choose a different recipient. A second element, of course, like in all development cooperation, there are darlings, darling recipients and others and be aware of that, but a coordination mechanism should also help us to overcome this bias that we always lean towards certain recipients who are well prepared to receive our assistance. Then you mentioned the Montenegro Center. What I was very, not surprised, but what became very visible in, for example, the Albania case of when the ransomware attack hit them, was that they turned towards help, also emergency support, far, far away from the US, from France, from others. They didn’t ask their neighbors, although there might be some familiarity with the structures, you know, arguments to ask the neighbors.
So I would say a mechanism or mechanisms should also look for, you know, regional cooperation, not only global cooperation or, you know, I mean, in cyberspace there are no borders so neighborhood doesn’t mean the same thing as in the analog world, but nevertheless also in cyberspace there are reasons to ask your neighbors for help. Mechanisms, I mean, what is really necessary, Claire mentioned the D4D hubs. What I also find very promising is the regional tables that the European External Action Service is setting up with regard, for example, to the Western Balkans, now also for Moldova, to integrate foreign policy and security policy considerations and development or assistance considerations. So to bring these two aspects of the two perspectives together, because it is often, you know, development cooperation seeks to be not so political, more technical, but of course there are many reasons to integrate these technical perspective with a more foreign policy perspective. And then something I would also like to add is we have, I think there is a good case for on the donor side, to have also a top-down approach with regard to coordination. So starting with the language and with the paragraphs that we have in the OEWG reports and GGE report from 2021, because there is a good outline of what cybercapacity building is like, there is this very good idea and expression and notion of a two-way street. And we haven’t talked about this yet, but I think cybercapacity building should in principle be a two-way street, so that there is also, you know, north-south, south-north, south-south, north-north cooperation included and not only, you know, a donor-recipient relationship as in development cooperation. 
So the reports on the cyber norms provide us with a very good general concept, and what we have now in the discussion, the program of action will even give us more opportunities to also have it in a sustainable way, so not reopen the case every five years and renegotiate the same document, but have a more long-term perspective of where we would like to arrive one day.

Calandro Enrico:
Thank you. Thank you very much, Regina, for highlighting some of the, you know, how regional cooperation could actually improve these coordination mechanisms and the fact that not always that is actually the preferred way to ask for support. Thank you for highlighting the example of Albania having the Montenegro Center next to the UN. And also, it’s very interesting on how these new discussions on linking policy consideration and development considerations are actually not growing, so that the political aspects and the technical one somehow are trying also to find a way to have a better dialogue. And then, of course, for those that are not familiar, I would invite all of you to read the Open-Ended Working Group final report on Responsible State Behavior in Cyberspace, which highlights some of the principles of cybercapacity building, and one of those is these two-way streets, right? And the fact that the relationships between donor and recipient, south and north, needs to be revised and understand that they’re actually on a better, equal base also on cybercapacity building. So, I would like to open up now the floor to some questions or additional comments before we wrap up and conclude. Okay, there is somebody, yeah, you can start.

Audience:
Thank you. Hi, I’m an attorney, I’m a lawyer, so I like to consider legal basis as being a sustainable way of going forward, and it occurred to me, of course, there are different things that we talked about, and OEWG is also more of just resolutions that have basically been passed, but the Budapest Convention provides a legal basis, and I was thinking about the work that at least I’ve done with them and the things that it helps doing. They have sustainability because of the legal basis. I’ll mention three things, the first is the legal basis, the second is that their capacity building programs make sure that they don’t do what we call drive-by trainings. If they’re training judges, they’ll make sure that the training is done, it is localized, and then after that, those trainers are going to train others, and not only that, but the point you made about south-south cooperation, an African judge in Ghana, I mean, I was part of this just a few weeks ago, trained judges in Kenya, as an example. So that’s helpful, and someone from the Philippines is training someone in Morocco, for instance, this happens under their auspices. And also, the T-CY, which is the committee for the Council of Europe, allows a measurable mechanism which is global for all countries to check what you’re doing when it comes to capacity building with these things, and they do this consistently, maybe not be too public, but it’s something that they do, something to look into. And finally, of course, they do regional cooperation constantly for Albania, Montenegro. I’ve been part of many of these exercises where they had many of these countries get together. But the most important one, and I’ll leave you with this, is the point of contact, the 24-7 network, which allows you basically to have a stable, legally, international law compliant, domestic law compliant, sustainable point of contact, where everybody can get in touch and talk to each other.
And it’s not something we’re saying, well, which country does what? No. Every country has one point of contact, designated, known who they are. If there’s a problem, they know exactly who to contact. So this might be just one alternative. Thank you.

Calandro Enrico:
Thank you very much for your comments, for adding some other mechanisms for coordination, more from a legal perspective. I think that was great. So I’m wondering if somebody would like to address the question on the legal basis for cyber capacity building, because it’s something, actually, we didn’t touch upon, for sustainability and better coordination. Is there anybody who would like to? OK. Yeah. I think it’s an interesting question, because actually, there aren’t. And probably, that could be also a way of creating more clarity and somehow to address some of these issues. I think it’s a good question.

Audience:
At the risk of repeating, I’m sorry. My apologies. It wasn’t really a question for the panel. I’m not expecting we should have legal basis for capacity building, not at all. I’m just saying that there are legal basis in treaties, which have capacity building programs, that bring that sustainability. And maybe using them more is something to think about. The donors should be looking at it and saying, hey, that’s something stable. That provides structure. It’s legally sustainable on an international basis, as well as domestically. So that’s OK. Thank you.

Regine Grienberger:
Actually, also, understanding it as a tasking for both sides, both donors and recipients, if you want, or partners in crime here.

Calandro Enrico:
Thank you. Thank you very much for that. There was another question.

Audience:
Thank you so much. Thank you so much, and thank you so much again to the panelists and this very comprehensive points of view from different regions and different expertises, so thank you for that. So my question slash comment, so first of all I’m Yasmin, I work in the ITU in actually cyber capacity building project implementation. So many of the things that were mentioned really resonated, and my question is related to this challenge of demand-driven capacity building, because, you know, donors obviously have different political priorities, different budgets and everything that was mentioned as well, but we need to remember that this is not only a cyber security issue, there are a lot of lessons learned that can be learned from the development world, I mean there’s decades of development work being done, there are mechanisms in place like, you know, donor pledging conferences, donor coordination conferences, and so something that on the donor side that can be done is also at national level to look into what is being done in other, you know, government agencies and other divisions to see if there’s any lessons learned there, and of course at national level this can be looked into so that it’s improved at international level. So in short, my question is basically, you know, how can donor countries look into inside and their national lessons learned when it comes to development, so that we can improve on demand-driven cyber capacity building. Thank you.

Calandro Enrico:
Thank you, thank you very much. One of our donors country would like to answer to the question, thank you.

Claire Stoffels:
Thank you for your question. I think the D4D Hub actually is, that I mentioned earlier, gives a very good platform to do that, and what we aim, at least what we aim to do within the cyber thematic working group is to do exactly that, so to have the technical level people to share what good practices, lessons learned, what went wrong in your project, and how to do it better to really provide an informal platform to exchange. On that basis, sometimes it’s a bit difficult, actually, to gather that information that you mentioned, and that is actually the important elements that we need in the inception and the formulation of a project. So, yeah, I think the D4D Hub provides a very good stage for that, but, yeah.

Calandro Enrico:
Teresa, would you like? Teresa, please.

Tereza Horejsova:
Is it on now? Yes, okay. Thank you, Yasmin, also for your question. I think it’s an important point of connecting, actually, learning from the development community, but also connecting the development community with the cyber community, which is also something of quite an interest for the GFC, and we are together with our partners organizing a conference on global cyber capacity building in Ghana at the end of November, and this is exactly one of the objectives, to bring these communities together a little bit more for more efficiency in the future, hopefully.

Calandro Enrico:
Thank you, Teresa. Regina?

Regine Grienberger:
Yeah, I would like to add one aspect, and that is that it is also true in the other way around. If you do digital development cooperation, so development cooperation for digital transformation or for digital transition of public administration or so, you should include the cyber capacity building part, because it doesn’t make sense to help an administration transition to a digital system without including enhancing their skills, their capabilities, also the hardware and software part that is necessary for good cybersecurity. So I would say it’s also the other way around, yeah.

Calandro Enrico:
Thank you. Donia, probably there is an online question.

Donia:
Yes, we do have a question from online participants. First off, a response to Claire’s very early intervention, just support. And then the question is, can we see capacity-building as end-to-end across the whole community, rather than just technology solutions? And what are the panel’s views on thinking of capacity-building as more than just technology solutions, but also building community awareness, legislation framework, or government policies, et cetera?

Calandro Enrico:
Thank you. Thank you very much for that. Is there anybody who would like to answer to that? I think my understanding is trying to see it beyond the technical issues, but rather on building awareness, legal basis, and so on and so forth. I think if I understood correctly the question.

Louise Hurel Marie:
Yes, sure. And thank you for the question. I think maybe I’m biased, because I feel that we probably bursted that bubble a lot. And I think a huge part of that effort, I take my hat off for, the GFC, the Global Forum on Cyber Expertise, which tries to provide that platform. So they’re working groups on incident response, and they’re groups on cyber diplomacy and norms. And those kinds of communities in the coffee break kind of meet up. And I think it’s about those small efforts in the sense of mixing those communities and having the space to do that. So I think from my perspective, those kinds of efforts The CCB discussion across communities is gradually at the international level, through these mechanisms, kind of progressed. But for sure, when you look domestically, depending on the country, depending on the culture, depending on where in the development spectrum they’re in, it’s still very challenging. I remember working in my previous job in a think tank, and I was working in a think tank, so working in my previous job in a think tank based in Brazil, sometimes speaking to different departments across the government, or people that were working more on CCB for, let’s say, CERTs. It’s a very different kind of community. So I think there’s also this effort of us, at least, from civil society organizations or think tanks to try to do that as much as possible when we’re planning and designing a particular project. I think that’s part of how do we design that engagement with those communities as much as possible in our own, let’s say, stakeholder group.

Calandro Enrico:
Thank you. Thank you very much, Louise, for that. We only have four minutes left, so very quickly before we conclude, I would like to invite the panelists to provide, I would say, maximum two takeaways or recommendations and to improve cyber capacity building coordination.

Rita Maduo:
Okay, thank you, Enrico, for that. Brief, sorry. Oh, okay, sorry, sorry, sorry. So effective cyber capacity building actually requires multifaceted approach and a very sustained commitment from donors, from implementers, and as well as recipients. So drivers and coordinators of such efforts should be intentional about onboarding new strategic members such that the voices of all parties are diversified and initiatives do not remain stale due to having the same players at the table at all times. So by working together and following these actions, then we can effectively enhance a national cyber security resilience and capabilities.

Calandro Enrico:
Thank you. Thank you, Rita. Teresa.

Tereza Horejsova:
So yes, let’s consider this openness that we want to build to the extent possible as a win-win-win situation. And without wanting to sound pathetic, let’s really try to talk more and exchange more. Yes, thank you.

Calandro Enrico:
Thank you. Claire.

Claire Stoffels:
Thank you. I just have one major point. So I think I really believe that it’s donors as well as implementers’ role to really promote and carry out awareness-raising measures, enhance communication, and facilitate cooperation amongst actors and bring relevant parties together and facilitate knowledge and information sharing as much as possible. I think that’s my main point.

Calandro Enrico:
Thanks. Anatoli?

Anatolie Golovco:
I believe my main point is we need a people-centric approach in all the cyber security. So we need to reduce the complexity of tools to protect and to rethink from scratch the entire cyber security architecture of states. So having a good strategy is what we need and probably we need to put more effort in the strategy and rethinking the existing ecosystem instead of putting layers of security on top of badly designed things.

Calandro Enrico:
Thank you. Hiroto?

Hiroto Yamazaki:
Okay, thank you very much. So through this discussion, of course the coordination is very important with the multi-stakeholder or the bilateral to reduce the duplication or to maximize the development impact, but also we must think about the sustainability from the coordination perspective. So we should not, of course we can reduce some duplication, but we should not provide one training or one awareness or one meeting or something like that. That’s not a good way. So we should create something like a kind of sustainable outcomes or sustainable output so that we can coordinate, real-time coordinate with the stakeholders that real-time online, but also I think through that kind of a sustainable outcome such as the guidelines or the training materials or trained trainer and so on so that we can and also we need we can refer to such a sustainable outcomes or sustainable output so that we can kind of the delayed or time difference the coordination. So not the real-time, but maybe we leave one country, but maybe later one donor will join that country, so then that donor can see our outcomes so that we can, we don’t need to talk, but we can. their coordinator later, after we leave.

Calandro Enrico:
Thank you very much, Hiroto. Louise.

Louise Hurel Marie:
Wonderful. Three key points. Definitely, first, I’d say, both from us, like think tanks, implementers, and others, and also like recipients, include recipients in the design phase. I think we can do that. That is a very practical element that we can do. Be it providing a bigger inception phase for projects where we actually get to engage with stakeholders then. So I think from an implementer’s perspective, that is great. From a donor perspective, I think it’s also about thinking what you need to embed that while, you know, to embed that in the timeline. Second, we need to really, and that’s my point since the start, really break down the typology. We need to design a typology, actually, to think about CCB that accounts for the different contexts as we see the landscape evolving, in terms of agencies, stakeholders, and as I said, crises up to conflict and post-conflict situations. And finally, on the South-South point, I would also say that, you know, there’s a next step for developing countries to also kind of empower their development agencies or to also kind of bring more of the cyber into the development agencies, right? Sometimes it’s a different part of the government that’s doing that, but I think there is a remodeling thing. There’s an element of bringing cyber into that. So I would say these are my three key points.

Calandro Enrico:
Thank you very much, Louise. And Regine.

Regine Grienberger:
I think I have nothing to add, so amen.

Calandro Enrico:
It was a lot. No, no, no problem at all. So thank you. Thank you very much for all our panelists for sharing your experience and insight. And of course, for all participants, yeah, we conclude our session. Thanks a lot. But the conversation, of course, doesn’t end here. Thank you all.

Audience:
Thank you. Thank you. Thank you. Thank you all. Thank you. Thank you. Thank you all. Next time I’ll play the devil’s advocate, y’all be like, no, I don’t agree, I don’t agree. We all agree pretty much.

Louise Hurel Marie: speech speed 185 words per minute; speech length 2928 words; speech time 948 secs

Anatolie Golovco: speech speed 148 words per minute; speech length 1111 words; speech time 450 secs

Audience: speech speed 207 words per minute; speech length 838 words; speech time 243 secs

Calandro Enrico: speech speed 172 words per minute; speech length 3207 words; speech time 1116 secs

Claire Stoffels: speech speed 168 words per minute; speech length 1487 words; speech time 531 secs

Donia: speech speed 204 words per minute; speech length 77 words; speech time 23 secs

Hiroto Yamazaki: speech speed 149 words per minute; speech length 1164 words; speech time 468 secs

Regine Grienberger: speech speed 150 words per minute; speech length 1487 words; speech time 594 secs

Rita Maduo: speech speed 128 words per minute; speech length 863 words; speech time 404 secs

Tereza Horejsova: speech speed 150 words per minute; speech length 1412 words; speech time 563 secs