WS #279 AI: Guardian for Critical Infrastructure in Developing World

Summary

This panel discussion focused on the challenges and opportunities of using AI to secure critical infrastructure in developing countries. Experts from various sectors discussed key issues including cybersecurity risks, capacity building, and international cooperation.

Panelists highlighted several challenges faced by developing countries, including legacy infrastructure, lack of cybersecurity expertise, and limited resources. They emphasized the need for upskilling technical professionals and leveraging AI to enhance threat detection and response capabilities. The importance of multi-stakeholder collaboration was stressed, with calls for partnerships between governments, private sector, and civil society to develop affordable and accessible AI-powered security solutions.

The discussion explored strategies for reducing dependence on foreign technology, including developing robust domestic legal frameworks, fostering regional cooperation, and investing in local capacity building. Panelists also addressed the need to balance AI-driven security with privacy concerns and ethical considerations, suggesting a risk-based approach and adherence to international standards and human rights principles.

Key recommendations included prioritizing critical infrastructure protection, developing national and regional cybersecurity frameworks, and participating in international forums to share best practices. The importance of tailoring solutions to local contexts while adhering to global standards was emphasized. Panelists also discussed the need for sustainable funding models and tiered pricing to ensure accessibility for developing countries.

Overall, the discussion underscored the potential of AI in enhancing critical infrastructure security while highlighting the need for collaborative, ethical, and context-sensitive approaches to implementation in developing countries.

Keypoints

Major discussion points:

– Challenges in securing critical infrastructure in developing countries, including legacy systems, lack of expertise, and digital transformation issues

– Strategies for training and upskilling cybersecurity professionals in developing countries

– Risks associated with AI systems for critical infrastructure and ways to mitigate them

– Need for international cooperation and partnerships to share best practices on critical infrastructure security

– Balancing AI-driven security with privacy and ethical considerations

The overall purpose of the discussion was to explore how developing countries can leverage AI to enhance the security of critical infrastructure, while addressing challenges around expertise, resources, and international cooperation.

The tone of the discussion was largely informative and collaborative. Speakers shared insights from their various backgrounds and perspectives, building on each other’s points. There was an emphasis on the need for global cooperation and knowledge sharing to address these complex challenges. The tone remained consistent throughout, with speakers maintaining a constructive and solution-oriented approach.

Speakers

– Harisa Shahid: Co-organizer of the session

– Muhammad Umair Ali: Co-organizer of the session, employed in the AI field, represents private sector

– Hafiz Muhammad Farooq: Cybersecurity architect at Saudi Aramco, 20+ years experience in network and cybersecurity

– Jenna Fung: Program director for NetMission.Asia Internet Governance Academy, leads Asia Pacific Youth IGF

– Daniel Lohrmann: Deals with public sector portfolio at Presidio, cybersecurity professional with 30+ years experience

– Gyan Prakash Tripathi: Lawyer, worked with think tanks and research organizations, represents Civil Society Stakeholder Group

– Jacco-Pepijn Baljet: Senior policy officer at the Ministry of Foreign Affairs of the Netherlands

Additional speakers:

– Fernando: Part of Brazilian youth delegation, works in network provider

– Thuy: From .vn directory, part of technical community

Expanded Summary: AI for Securing Critical Infrastructure in Developing Countries

This panel discussion brought together experts from various sectors to explore the challenges and opportunities of using AI to secure critical infrastructure in developing countries. The session, co-organised by Harisa Shahid and Muhammad Umair Ali, featured speakers with diverse backgrounds in cybersecurity, policy, law, and youth engagement.

Key Challenges in Securing Critical Infrastructure

The discussion began with Hafiz Muhammad Farooq, a cybersecurity architect at Saudi Aramco, outlining three major challenges faced by developing countries, particularly in the MENA region:

1. Legacy infrastructure: Outdated systems create vulnerabilities and are difficult to secure.

2. Lack of cybersecurity expertise: There is a shortage of professionals skilled in protecting industrial control systems.

3. Digital transformation issues: Rapid adoption of new technologies without adequate security measures.

Jacco-Pepijn Baljet, from the Dutch Ministry of Foreign Affairs, added that limited resources and budget constraints further exacerbate these challenges. Jenna Fung, representing the youth perspective, highlighted knowledge gaps due to less exposure to new technologies in developing countries and emphasized the digital divide that necessitates tailored capacity-building strategies.

Leveraging AI for Enhanced Security

Despite these challenges, speakers agreed that AI presents significant opportunities for improving critical infrastructure security. Hafiz Muhammad Farooq emphasised that AI can augment threat detection and response capabilities, enabling automated analysis of large-scale infrastructure data. However, Daniel Lohrmann, a cybersecurity professional with over 30 years of experience, cautioned that AI systems themselves face risks such as data poisoning attacks, privacy attacks, adversarial attacks, model theft, and dependency or vulnerability supply chain attacks.

Lohrmann also highlighted a unique advantage of AI in overcoming language barriers, suggesting that AI could make cybersecurity solutions available in multiple languages, thereby increasing accessibility for developing countries. He specifically mentioned critical infrastructure sectors such as utilities, finance, government, and transportation as key areas for AI application.

Capacity Building Strategies

The panel agreed on the critical need for capacity building in developing countries. Jenna Fung advocated for developing national strategies tailored to local contexts and leveraging online resources and regional educational opportunities. Daniel Lohrmann suggested establishing public-private partnerships for knowledge transfer and implementing tiered pricing models for AI security solutions to ensure affordability.

An audience member, Fernando, raised concerns about retaining cybersecurity professionals in their home countries. In response, Hafiz Muhammad Farooq suggested focusing on producing more talent rather than retention, emphasizing the importance of continuous education and skill development.

International Cooperation and Partnerships

Speakers unanimously agreed on the importance of international collaboration. Jacco-Pepijn Baljet emphasised the need to exchange best practices and lessons learned through international forums. He also highlighted the relevance of the Global Digital Compact in AI governance. Hafiz Muhammad Farooq called for the development of global standards and frameworks specifically for AI in critical infrastructure, mentioning the AI Act and AS2 directive as examples.

Gayan Prakash Tripathi, representing the Civil Society Stakeholder Group, suggested forming regional knowledge-sharing and R&D blocks to compound available resources. He also proposed a three-pronged strategy for developing countries to reduce dependence on foreign technology:

1. Robust domestic legal framework and strategic contracting

2. Inclusive, transparent, and accountable government mechanisms

3. Regional cooperation and capacity-building for long-term sovereignty

Balancing Security, Privacy, and Ethics

The discussion addressed the need to balance AI-driven security with privacy concerns and ethical considerations. Daniel Lohrmann advocated for implementing robust data governance and secure model development practices. Jacco-Pepijn Baljet suggested adopting a risk-based approach to AI systems regulation and emphasized the need for both high-level international agreements and local legislation to address ethical considerations in AI implementation.

Key Recommendations and Action Items

1. Develop national strategies for tailored capacity building in cybersecurity and AI.

2. Establish public-private partnerships for knowledge transfer and technology access.

3. Work towards creating global standards and frameworks for AI in critical infrastructure security through multi-stakeholder cooperation.

4. Implement tiered pricing models for AI security solutions to ensure affordability for developing countries.

5. Increase collaboration and knowledge sharing through international forums and regional partnerships.

Resilience Strategies and Future Considerations

Daniel Lohrmann suggested specific resilience strategies against AI-driven attacks, including AI-powered threat intelligence, red teaming, simulated attacks, and comprehensive incident response plans. The panel also discussed the importance of balancing global principles with local context when developing AI and cybersecurity policies.

Conclusion

The discussion underscored the potential of AI in enhancing critical infrastructure security while highlighting the need for collaborative, ethical, and context-sensitive approaches to implementation in developing countries. Future initiatives in this area are likely to focus on collaborative efforts, knowledge sharing, and capacity building, while also addressing the ethical and security concerns associated with AI implementation.

Harisa Shahid: community here, and I’m joined by my co-organizer and partner, Mr. Mohammad Omar Ali from Pakistan, who is employed in the AI field and represents the private sector group here. And without further ado, I would like to introduce the esteemed panelist for our session today. We have Mr. Jacob Papagen, who is a senior policy officer at the Ministry of Foreign Affairs of the Netherlands. He has vast experience in fostering partnerships to address cyber-related issues across several countries. He has served at the permanent mission of the Netherlands to the UN in Vienna on nuclear issues and at the European Union delegation to the Council of Europe in Strasbourg. Next, we have here Mr. Hafiz Farooq with us. Mr. Hafiz Farooq is a cybersecurity architect at Saudi Aramco. He holds over 20 years of experience in network and cybersecurity. He is a three-time fellow at the Internet Corporation for Assigned Names and Numbers, ICANN, and is serving as the member of the Root Server System Advisory Committee and other working groups. He also serves on the advisory board of several Fortune 500 companies. He is an esteemed cybersecurity professional and is joining us here on site. Now, without further delay, I would like to give the stage to Mr. Mohammad Omar Ali, who would like to introduce our online speakers. So you can continue, Omar.

Muhamad Umair Ali: Hi, Harisa. Hi, everyone. Thank you so much for joining. So yes, without further delay, I would like to introduce the virtual speakers. We have Mr. Daniel Lohmann. Mr. Lohmann is an esteemed cybersecurity professional. He currently deals with public sector portfolio at Presidio. He’s an accomplished author and award-winning cybersecurity professional with over 30 years of work experience, starting from the National Security Agency at the United States government, and then has worked up. with Department of Homeland Security as well as for White House and other organizations. So he’s joining us today from New York. I guess it’s quite an early time there. So thank you, Mr. Daniel, for joining us. Followed by that, Jenna Funk. Ms. Jenna Funk is the program director for the NetMission.Asia Internet Governance Academy. She also leads the Asia Pacific Youth IGF as well as an elected member of the Youth Coalition on Internet Governance Steering Committee. She’s joining us from Toronto, Canada today. Welcome, Jenna. And up next, we have the final panelist, Mr. Gayan Prakash Tripathi. Mr. Gayan is basically a lawyer and has worked with several think tanks and research-based organizations. He is joining us as a representative of the Civil Society Stakeholder Group today, and he is currently based in Vienna, Austria. Thank you so much, Mr. Gayan and everyone else for joining. Over to you, Harza.

Harisa Shahid: Okay, thank you so much, Romain, and thank you so much for our esteemed speakers for joining us today. So starting with this session, there is a question that what is actually the critical infrastructure? So introducing the critical infrastructure, it refers to the physical and digital systems, assets, and networks that are essential to the functioning of a society and economy. These systems are crucial for ensuring public safety, economy stability, and national security. Any disruption or damage to critical infrastructure can have serious consequences for the public health, safety, and obviously the national and global economy. Such infrastructure includes but is not limited to energy infrastructure, the transport network, healthcare network, financial services, defense services, and critical manufacturing, among others. Today, we aim to discuss navigating the security of such critical infrastructure in the rapidly developing world. developing age of AI through the multi-stakeholder participation, international cooperation, capacity development, resource allocation, and building resilience into the infrastructure for the developing countries. So, this brings me to my first question, and I would like to ask Mr. Hafiz Farooq that, what are the unique challenges faced by the developing countries, like particularly we have seen in Middle East to the North Africa and South Asia, in securing critical infrastructure from cyber threats and how can AI be used to address them?

Hafiz Muhammad Farooq: First of all, thank you very much for inviting me today for this great panel discussion. I’m Hafiz Farooq from Saudi Aramco, so it’s a great question. I would say in the developing countries, especially MENA itself, the major challenge we have is in the area of critical infrastructure. I would say there are three major areas where we see there are issues. The area number one, I would say is the legacy infrastructures. In the developing countries, the companies don’t have huge budget to upgrade their security infrastructures. They keep using outdated systems and technologies because of lack of resources and lack of budgets, and here comes a problem. So, these old system they keep using, they have lots of vulnerabilities, they don’t have security features which are required these days. So, they actually create a huge attack surface for attackers to attack on your infrastructure, and here comes a problem. So, the legacy system is one problem. The second problem which I want to highlight in the critical infrastructure is the lack of security expertise. You know, the lack of expertise, in the critical infrastructure domain is a global problem. It’s not only a problem for the developing countries, it is a problem everywhere. But obviously developing countries are also getting the heat of this problem. You will find many security experts in the industry who know about the TCP protocol, but when you talk about any ICS protocol, like Modbus TCP, you will not find many experts who know in-depth detail of the technology. So I would say lack of expertise is one of the problem and companies need to dedicate some budget on training their resources, training their individuals to make sure they are on top of the new technologies coming in this area. And third important area which I want to highlight is the digital transformation. It’s not an issue, I know all of you guys love digital transformation and I really appreciate that also, but the problem is people do spend money on digital transformation, but they don’t give attention to spending some money on securing the digital infrastructure. So when are you deploying these digital infrastructure, make sure that you deploy cybersecurity controls on top of that. And if you don’t do that, these transformation will become a pain in time to come. So you need to keep this thing in mind. Now coming to the second part of your question, Harsha, which is about how can we use AI for this? I think obviously AI is a great technology, it can do many major stuff to secure our critical infrastructures, but two areas are the key areas where AI can be very useful. One of them is threat detection and response. So you can ingest all your data from your critical infrastructure in real time to your algorithms and they can find anomalies out of your daily operation and find out if there is a real time security threat. So detection and response can be augmented by AI big time, there is no doubt about it. Especially a company like Aramco, we have like a massive infrastructure, I mean, we have a million. of assets scattered all across the world. We need army of resources, army of SOC analysts sitting in real time, sitting in the SOC, doing analysis on these events, which is impossible. So here comes the role of AI, where AI algorithms can tap in they can jump in and they can make life easy for you. This is what my company is doing. We can’t just employ hundreds of security analysts just to do everything. We have to rely on AI. So I hope I answer your question. Thank you.

Harisa Shahid: Perfect, very well. Thank you so much for the great points made. One of the thing you highlighted is the lack of expertise as we all know that it is a very major problem. And the first issue that comes to mind when we talk about cybersecurity and AI that for you to deploy these solutions it must have the required expertise in order to work in these areas. So this brings me to my next question, which is to Jenna Fung, that what are the most effective strategies for training and upscaling technical professionals in developing countries? As I’ve seen that you have been working with some civil organizations and the community as well. So, and how we can leverage AI for critical infrastructure security and like what is the limitation for their adoption? So I would, the floor is all yours, Jenna. Okay. I think Jenna is unable to unmute herself. Can you please make her a co-host? Okay, can we make Ms. Jenna Fung the co-host?

Muhamad Umair Ali: Also, can we do this the same for Gyan and for Daniel Lorman? I think I did put requests to the IGF host but haven’t heard back from them yet.

Harisa Shahid: Okay, they’re working on it. It’s done? Okay, it’s done. I think Jenna, can you please try again? Okay. Okay, I think, while Janet tries to reconnect, we can move on to our next question, which is from Mr. Dan. What are the primary cybersecurity risks associated with AI systems, and how can these risks be mitigated to protect the critical infrastructure? Dan, are you able to unmute yourself? I think the host is unmuting me again and again, and not Dan and Jenna. Can you please unmute Mr. Dan and Jenna Fung? Hello, can you hear me now? Yeah, yeah, perfect. We can hear you.

Daniel Lohrman: Yeah, but I cannot, the video is not started, so I don’t know if you can see me, but I can certainly start talking if you’d like. Yeah, sure. Yeah, I’m getting a message saying the host must unmute you, or the video is not enabled. So, yeah, so thank you all. First of all, great to join you today, and as soon as the video comes live, I’ll be happy to be on video, but it’s great to be with everyone. I’m actually in Michigan in the USA, and this question is a really important question. I mean, there’s a lot of different challenges. Just to repeat again, you want me to answer the primary cybersecurity risk associated with AI systems, and how can these be mitigated? Is that correct? Yeah, yeah, yeah. Great. So, I mean, first of all, I just would say that AI is being used extensively to attack us, so AI systems can be exploited to execute large-scale automated attacks, such as spear phishing malware distribution. And AI-driven attacks are actually spreading and broadening and deepening the attacks against critical infrastructure worldwide. So this is happening all over the United States right now, all over the world right now. And still the video is still not working. But on the actual AI systems themselves, I think I just want to mention four or five different areas and I can dive into some how ways we can mitigate these. But from data poisoning attacks to privacy attacks, adversarial attacks. So for example, data poisoning attacks, malicious actors manipulate training data to bias or compromise AI models leading to faulty decision-making. And so that, for example, poison data can cause an AI system managing a power grid to misclassify a threat resulting in an outage. Privacy attacks, AI system might reveal patient data during training or an adversarial attack. Attackers input specifically crafted data to deceive AI systems causing incorrect outputs. And so we need to make sure that those are protected against. Another type of risk we have is model theft. AI models are stolen via exposed APIs, application programming interfaces or insider threats enabling attackers to duplicate or misuse them. So stolen models can be weaponized to attack critical systems or sold to competitors. And then just a couple more, I’ve just mentioned some dependency or vulnerability supply chain attacks. So third-party components or open source libraries using AI systems might contain vulnerabilities. A compromised library and an AI application managing water supply can serve as an entry point for attackers. So the second part of your question, I’ll just mention briefly. So what are some things we can do around mitigating these? And mitigating AI cyber security. security risks in critical infrastructure require us to have a robust data governance model such as validating data sets using differential privacy, which is a technique to prevent data poisoning and privacy attacks. We also need to make sure we’re doing secure model development, including adversarial training and regular updates to build resilience. And when we have attacks, you know, be able to sustain them and recover. Access controls, encryption, and network segmentation can protect against unauthorized access and the spread of these attacks. And then with the third-party risks, you know, they can be reduced through stringent vetting and secure software practices. Continuous monitoring with AI-driven anomaly detection can ensure proactive threat management. And then lastly, I just want to mention instant response plans need to be updated. And you know, models like NIST, there’s a variety of different really great instant response plans. Be ready, but when attacks do happen, that you can collaborate on threat intelligence to strengthen people’s defenses. And as was mentioned earlier, there needs to be more training and awareness to create a culture of security and resilience. So those are some of my… It’s working now, so good to see you. And so those are some of my opening comments.

Harisa Shahid: Thank you so much. Thank you so much, Mr. Dan. And now I would like to move towards Jenna. And Jenna, I will repeat the question. The question was that what are the most effective strategies for training and upskilling technical professionals or youth in the developing countries to leverage AI for critical infrastructure security? And what do you see are the limitations for their adoption?

Jenna Fung: All right, thank you so much. I hope that I am audible in the room and awesome. And I got a thumbs up from Dan as well, so I assume remote participants can also hear me clearly. Thanks for having me on this panel. Given my background, I work mostly with young people in Asia Pacific regarding capacity building, having some knowledge to a certain extent about cybersecurity and infrastructure and all that. Although I can’t speak for the technicalities of all the subject matter, but I do have some opinions on how I see what we could do or do better for capacity building, especially if, I mean, assuming the title of our sessions and in many sense, we are using this ever evolving technologies for critical infrastructure these days. And with my experience working with many young people in Asia Pacific in the past six, seven years, and you could see that many of the time there’s some knowledge gap in that. And as I currently reside in North America as well. And so I think that’s some differences when we are somewhat exposed to the same level of like development, things are really new and people who have knowledge, like for example, governments or companies are using it on infrastructures or things that people from anywhere use every day. But because for example, people in a developing countries might have less resources or opportunity to be exposed to informations or resources to learn more about it. And they essentially become more vulnerable and there’s like a big gaps in between. And I will spare you all the details about what is about digital divide and all that. I think essentially, of course, like ideally, like you said, is that there should be a tailor-made national, like a tailor-made… strategies on how to do capacity building for people who implement or execute this kind of technologies in their works. But especially, for example, government or even civil servants who use it at their work, I think they should be the first group of people who need resources. But also there is like people who receive the use of people who are being impacted by the implementation of these technologies in the infrastructure as well. They should develop their literacies towards this kind of tools or the use of AI as well. So I think a national strategies will be ideal and helpful. But many of the time, because like I said, there’s like financial restraints or resources and there are many other even more critical things that you need to invest and put effort into it or prioritize because there’s like geopolitical tensions or you need to allocate other resources and prioritize your energy for dealing with, for example, climate change and all that. And there are times that capacity building will sometimes being put behind our head. So I think there are times where individuals or especially young people in developing country can leverage the power of the Internet, perhaps to kind of look for resources elsewhere. And even like not within your own country, perhaps you can look within your regions if there’s like any NGOs or organizations are providing this kind of like. educational opportunity for you to enrich your own knowledge. I mean, perhaps like many, many people are aware of a lot of like big corporations also offer some sort of like skill trainings, like a, like a micro credentials opportunity for you to learn about things as well. So I think that will be helpful for young people to kind of like develop knowledge as well. So I will stop here and hopefully can chat about more and touch upon other questions as the audience also ask questions later on. Thanks.

Harisa Shahid: Thank you so much, Jenna. And the points are very well made. One of the most important point I would highlight here, as Jenna mentioned, that we can look within our own region to educate people. And because we are specifically talking about the developing countries, it’s always difficult for the developing countries to invest more resources and to get resources from across the borders. Right. So this leads to the next question, which I would like to have from Gyan, that how can developing countries rely less on foreign technology to ensure security of critical infrastructure and maintain digital sovereignty?

Gyan Prakash Tripathi: Thanks, Sarasa. And hello, everyone. Excellent to see many familiar faces on the panel and in the audience. This question of digital dependency and export of technology, as well as the governance architecture, is also something that kept up popping during the now concluded first research cycle at the Observatory of Information and Democracy. Through our meta-analysis of global literature, we observed that the emergence of epidemic injustice due to the corporate incentives, strategies and practices involved in designing, developing, selling and controlling socio-technical solutions that are at the heart of information ecosystems. These then make global South nations vulnerable to exploitations. by further privileging of information and knowledge that are neither representative nor inclusive. To address this, I suggest a three-pronged strategy that emphasizes legal safeguards, multi-stakeholder accountability, and capacity-building measures. The first prong is a robust domestic legal framework and strategic contracting. Here, global South and developing nations must codify clear obligations into their legislations, which must themselves be human rights-centric. They must enact legislation and regulations that mandate transparency, human rights due diligence, and data protection protocols for all technology suppliers, regardless of their origin. They must also have stringent contractual terms that demand technology transfer, skills development, and long-term support arrangements. By these provisions, they could also include mandatory training for local engineers, commitment to open standards, and clear exit strategies that can prevent vendor lock-in. The second prong that I would strongly suggest is inclusive, transparent, and accountable government mechanisms, which can be achieved through multi-stakeholderism. There must be a clear and direct independent oversight by bodies that include government representatives, CSOs, industry experts, and also human rights advocates. But I don’t think I need to elaborate on that in this forum. And the approach is, of course, well-documented. The third and more critical prong of the strategy is regional cooperation and capacity-building for long-term sovereignty. It is pertinent that global South nations form knowledge, R&D, and cooperative blocks to compound the resources that they have available. This can be done either through collaboration with geographically proximate countries facing similar challenges to develop common legal and technical standards. Another way it can be achieved is by forming issue- or interest-based blocks. which can increase collective bargaining power and reduce the risk of exploitative deals. Each prong of this strategy seeks to reinforce sovereignty, protect local interests and uphold human rights standards. By implementing this, developing countries can create a balanced, forward-looking legal and policy ecosystem which will respect human rights, reinforce sovereignty and foster resilient, fair and beneficial technology partnerships. Thank you and back to you, Harisa.

Harisa Shahid: Thank you so much, Kian, for your valuable input. So after listening to every speaker here, I would like to move on to Mr. Jackal. You have worked with the government sector and have expertise in that. So I would like to ask you that what do you see are the key challenges and opportunities in establishing international partnerships to share best practices and technologies for critical infrastructure security, particularly in the context of AI?

Jacob-Pepijn Baljet: Thank you, Harisa, and thank you to all the speakers before me, which I can actually echo many of the points made before, because together they bring all the perspectives together and I think that’s also very symbolic for the IGF as well, where all stakeholders come together and learn from each other. So thank you for that. I would say, of course, we’ve heard it before too, one of the challenges usually is to bring enough human resources and finances together. And on the other hand, AI can also relieve a lot of challenges in terms of human resources, as the other speaker said, because you can use AI instead of actually checking all the cyber security vulnerabilities by persons. So I would say… These challenges together mean that one has to prioritize. And especially in terms of critical infrastructure internationally, we have not agreed one agreed definition of what is critical infrastructure. And maybe we don’t also need it because every country and every region is different. We did agree in the UN that, of course, the core infrastructure of the Internet, the general availability and integrity of the Internet, is part of the critical infrastructure. And I’m glad you said you were also involved with ICANN. And, of course, ICANN is also part of this. So I would also like to stress that. But other than that, of course, I think many countries will share many critical infrastructure ideas. It’s quite logical to say that energy grid or water supply or your own cybersecurity operation center or your SOC or your CSIRT are part of your critical infrastructure. So I would say one has to prioritize. Every country would have to find their own national priorities. But you can, of course, exchange within your region. It was also mentioned. What are your most priority issues? And one opportunity in international partnerships is also exchanging best practices and exchanging ideas. Also, negative experiences. It’s also very important that you share negative experiences together so that people can learn from each other. And let’s see, there are a number of international mechanisms already for that. There’s both the Internet Governance Forum, but there’s also the AI for Good Summit with the ITU in Geneva. There are many forums open to stakeholders. There’s also the Global Forum on Cyber Expertise, which is built to share this knowledge together and to bring supply and demand on capacity building together to actually bring stakeholders from the private sector and from the public sector together. the governments together from both the Global South and other countries. And also these days we also hear a lot about the Digital Cooperation Organization. It’s also an interesting organization that brings stakeholders together. I don’t know if they do a lot of work on AI yet, but I think that will be a logical step too. And here at the IGF there’s also a lot of talk about the Global Digital Compact and what has come out of it on the UN level. There are a number of mechanisms that will have to be implemented now on AI governance. And you also see there that it’s built to bring all the stakeholders together. And I think that’s the most key message I want to give, that it’s important that any mechanism or international partnership actually brings both civil society, academia, private sector, the technical community, and the governments together to really learn from each other and not only speak in their own bubble or in their own silo, and also between different owners. Because critical infrastructure, sometimes it’s owned by the state and sometimes it’s a private sector company. And then it’s important also within your country that you have mechanisms that you can exchange knowledge and exchange experiences within your country between the different stakeholders.

Harisa Shahid: Very true. Thank you so much for your input. Now this leads to the next question, as we have already mentioned, that it’s important for the collaboration between all the stakeholders, including the private sector, the government, and civil society to develop and deploy AI-powered security solutions that are affordable, because we are talking about the developing countries, and accessible to developing countries. So please, over to you, Mr. Dan. Yeah, thank you for the question. And I really appreciate the comments that were just given, because I

Daniel Lohrman: I think they really lead into that really well. And I think that this is a huge challenge. I would just echo some of the comments and just, I’ve prepared a number of different aspects of how private sector companies can collaborate with governments and civil society. I think, first of all, it just starts with a commitment that you wanna do it, you know, that we all, I mean, there’s a saying we say a lot in the US, which is when you’ve climbed the ladder, you need to send the ladder back down and help other people back up. It’s in all of our interests, the global interests to work together, to partner. Many, many companies, certainly in the US, but all around the world have great partnerships in developing countries. Others, it’s a new thing for them, but they recognize that it’s in the long-term best interests of everyone, the whole society, but also their own companies of where they wanna go and how they wanna work together and partner in the future. So how can you do that? You know, public-private partnerships is a big one. Talk about NGOs, non-governmental organizations, partnering with those. I think from a practical perspective, you need to have tiered pricing models, offering subsidized or tiered pricing for AI-powered solutions to ensure affordability for low-income regions. I think that’s done in other areas in society. We’ve talked about, you know, for example, pharmaceutical prices, drug prices for different things at different parts of the world. There’s models around that. The same kinds of things may need to be considered with AI and technology. Capacity building and skills development across organizations, and really making sure we have local training programs that meet the local needs. Because, you know, I’m sitting here in the United States. Obviously, I don’t understand the specific needs of the developing countries. I’ve actually. We’re very interested in that and working together with those on this panel and others around the world, and we’d love to help in different parts of the world in developing countries in Africa and around the world. But honestly, you know, developing these partnerships that transfer AI expertise to local professionals will ensure long-term sustainability, and it needs to be done and contextualized and localized to those. I think thinking about long-term sustainable models, infrastructure investment, partnering with governments to build the necessary digital infrastructure, such as cloud storage, broadband access in developing regions, but also ensuring that local needs are being met, you know, from privacy perspectives, but that we have proper funding mechanisms in place as well. And I think that’s a big challenge, leveraging international development funds. I know this is a UN panel, but looking at ways we can do grants, finance, initial deployments of AI-powered solutions, and then really talk about, I saw some questions, maybe we’ll get to those in a few minutes, but around local pilots or proof of concepts in a local context. I think those are really important. So, you know, affordable, accessible, you know, it really is going to require multi-stakeholder coalitions. So really establishing coalitions with international organizations, whether that be the UN, World Bank, really talking about working together with NGOs, as I mentioned, advocacy groups, and then just really making sure that we all speak the same language. And I just wanted to close on that. I think, you know, even some of the different terms we use in the U.S. are different than some of the terms that different people use around the world, and part of that is language. you know, different views on different spellings of words in English and that kind of a thing. I’m horrible at foreign languages, by the way, so I admit that up front. But just even the terminology and as we as we think about AI, I think AI can help us and I think it’s a little positive note. You know, I’ve seen applications in the USA with different counties and cities and governments around the United States where they’ve, you know, used to have one or two languages and now they’ve come together and they now support 140, 150 languages. And those same applications can be scaled to work in a wide variety of different communities that maybe, you know, even in like, you know, Washington, D.C., for example, Montgomery County is a great example. The Monty app application is called Monty, M-O-N-T-Y. It’s a great application. That’s in Washington, D.C. in the United States, but it serves communities, people from all over the world that live in that area that now have access to over 100 applications in their own language. And so I think AI can help us in that. And I think it can actually be part of the solution to make solutions that are available, maybe in English, available in multiple languages around the world. So the ability to reuse applications, to be able to learn from others, I think is a big part of this solution. And being able to, you know, not reinvent the wheel, if you will, but actually, you know, partner and say, OK, this government in the U.S. and this government in Europe is doing this really successful application. How can we apply that in developing countries?

Harisa Shahid: Exactly. Very well.Hi, sir. Are you still speaking? We are unable to hear you. Oh, I’m so sorry. Actually, I switched my channel. apologies for that. So OK, moving forward, I have a similar question for you as well, Mr. Hafiz Farooq, that how can multiple stakeholders work together developing a global or a regional framework? Because if we see, some regions do have a framework for cybersecurity and things like that. But if I talk about some developing countries, like if I talk about my country, Pakistan, we don’t have a framework specifically for the cybersecurity or information security. So how can multiple stakeholders work towards developing a global or a regional framework for incorporation of AI in the critical infrastructure security?

Hafiz Muhammad Farooq: Thank you, Harsha, for another great question. I generally agree with what Dan said. There has to be a global standard, first of all. So I agree. The year of frameworks and the legislation, it was very good for the cybersecurity industry because we have seen many standards, many legislations coming across. I will give you a few examples. I will take an example of Singapore. Singapore recently released their cybersecurity master plan 2024, which deals with critical infrastructures. Similarly, we have Hong Kong. First time they passed the bill for the protection of critical infrastructures. That is another example. Similarly, USA has revamped their cybersecurity strategy by including security threat cases for the protection of the critical infrastructure. So this shows how the cybersecurity industry is moving towards legislation, frameworks, and the standardization. Also, you might be aware, most of you guys, about the European Union. They recently enforced an AS2 directive and AI Act. This is something very promising as well. So things are. We’re really positive in 2024, but only I think the missing part is the critical infrastructure legislation, I would say. All these legislation I’m talking about, they don’t cover use of AI for the cybersecurity of the critical infrastructures. That is the missing piece right now. How to address that? As Dan said, it has to be global first. I don’t think so that the only regional approach is going to help us. First of all, developing countries and the technology giants, they need to sit together and they need to work on a global framework first, and then the regional frameworks, they should follow them. I don’t think so that only a regional country like Pakistan or for example, even Saudi Arabia, I mean, they can’t handle the bigger spectrum of cybersecurity threats alone. They need to work in collaboration. I mean, for example, UN is a good forum. ITU is a good forum. They should take the lead and they should actually standardize the use of AI for the cybersecurity of the critical infrastructure. I think more research and development and more collaboration is required for the time being to understand how AI is going to be used, how AI is going to be used for the protection of our infrastructures. So there’s still more work to do in years to come, and I hope, I mean, we move fast before the attacker, they start using AI. We, the defensive guy, we should start using the AI as well to protect our infrastructure. I hope I answer your question. Thank you.

Harisa Shahid: Definitely. So when we talk about AI, there comes some ethical considerations and some other security issues as. well because AI has its own concerns as well. So moving on to Mr. Jacko, I have a question for you that how can governments in developing countries effectively balance the need for AI driven security with privacy concerns and ethical considerations?

Jacob-Pepijn Baljet: Thank you Harissa and thank you Hafiz also for mentioning the need for the standards. I think maybe to start off with your question about security and privacy and ethical considerations, which is a great question and I think it’s a very relevant question. I would start off with saying that maybe there’s not really a dichotomy between the two, but you really need both at the same time. And usually more privacy or more ethical considerations do not mean less security. Both would go hand in hand of course. And also here I would say this question, actually when you talk about cybersecurity, I think that the basic principles, the general principles, they are both, they will be the same whether you use AI or not. And I think the only big difference is that for AI it enlarges many things and it makes many things much more impactful, especially positively and negatively. You can better defend against cyberattacks with AI, but you can also, of course, there is also the risks of the privacy risks and the risks of false data that you are using to train models is much bigger. So I think that that does require international cooperation. The EU AI Act was also mentioned, the risk-based approach to AI systems. So I think the best way to actually incorporate this is both, and I’m going to also continue with Hafiz’s threat here on international standards. and cooperation is to both think about what do we have in common universally, we have universal human rights, we have universal standards already there at the UN level and also yeah, basically globally. And then next to that, we have a local context where everything is happening and in Pakistan, this is different than from the Netherlands, or it’s also different in Saudi Arabia. And I think we need to take that into account too. So I think to actually we’ve seen that in the Global Digital Compact too, when we talk about ethical considerations, we’ve had a push to include that in the Global Digital Compact. So I think the best approach to do this is to have a high level, and I agree with Hafiz that that can be at the UN, to have a broader level agreement on the general principles. And then on the lower level, on a more regional or local level, you can have more legislation or you can have specific critical infrastructure legislation that then you can look at the UN level and say, okay, we agreed these general principles here on the protection of privacy or on the protection of security also. And we base our national legislation on this. And then next to that, because the stakeholder cooperation is important, you can do that locally, but you can also do it internationally. We have many standard organizations internationally. Of course, always a challenge and it’s always a huge investment to actually engage in standard organizations at the IETF or at the ISO or at different organizations. But this is a platform where you can engage with the big technology companies and with the suppliers and with the civil society. So I think it is important to also look there on a technical level with a multi-stakeholder approach, which is in principle open to everyone, but which can be improved for inclusivity to start there with the standards for incorporating AI in the cyber security field. Thank you.

Harisa Shahid: Exactly. And with that, we are coming to the end. of our session concluding the points we have highlighted that the skill building is very important and for the skill building collaboration exactly the main point which every speaker has highlighted here that the collaboration between all the stakeholders is the crucial part to enhance the AI and cybersecurity to raise awareness about the use of AI because right now AI is not being much used for the protection of our critical infrastructure so the awareness is very important so thank you so much for all to all of our speakers for joining us today and now we are moving towards the Q&A session so I would like the audience to if you have any questions please feel free to ask

Muhamad Umair Ali: just to chip in here followed by the on-site audience we also have a question from the online audience so I think we can proceed with the on-site audience first and followed by that I can ask the question that is in the chat box from the online audience

Harisa Shahid: yeah sure so we have one question here

Audience: hello everyone my name is Fernando I am part of Brazilian youth delegation and I work in a network provider so I’m part of the technical sector one thing that was presented as a problem was the lack of professionals in the cybersecurity AI but another problem that I see is even with a long and continual cybersecurity training most of the professionals eventually go to another country to work so basically my question is how to retain these talents in their country to continue their work

Harisa Shahid: Yeah, that’s a very important question. So anyone from the panel would like to ask? Oh, sorry, would like to answer?

Hafiz Muhammad Farooq: Yeah, I would just want to add a comment on the first of all, Fernando, great question. I mean, you know, the world is getting global. I mean, the the people that are moving around is very difficult to retain a talent. Companies are looking for talents. If you’re sitting in Brazil, and the company needs you some other part of the world, they will they will hook you from there. So this challenge is there. But I think instead of retaining the talent locally, the the challenge is to produce the talent. So because most of these systems, as I told you before, their legacy, I mean, I’m not saying that we are not professional, we are professional, but the systems are so old, that there are not enough documentation available, there is not much stuff available where you can simulate where you can train yourself to see how the system is going to operate. So I think instead of localizing localization of resources, we should concentrate more on the training aspect. And maybe the old legacy vendors, I mean, they should start maybe redoing the documentation. I mean, so actually, the my point is that the knowledge base should be increased instead of trying to localize the resource at a different location. Thank you.

Harisa Shahid: Thank you, Mr. Farouk. Does this answer your question? Okay, perfect. So any more questions we have?

Muhamad Umair Ali: I do have one from the

Harisa Shahid: We have one from the on-site participant.

Muhamad Umair Ali: I’m sorry, on-site or online?

Audience: My name is Thuy. I’m from .vn directory. We are from technical community. Then I have a question that we are talking about promoting using AI to protect our critical infrastructures. So I have a question that what infrastructure do you think will be in scope? of the critical infrastructure. Thank you.

Harisa Shahid: So your question is, basically, what infrastructure do we think is the critical infrastructure, right?

Audience: Yeah. My question for the panelists is that, what can you name some infrastructure that will be in the scope of critical infrastructure that should be protected by AI promotion here? Thank you.

Harisa Shahid: Thank you so much. So anyone from the panel would like to answer the question?

Daniel Lohrman: I can start. Certainly, from the US perspective, we have dedicated sectors that we’ve listed. There’s, depending on which people you talk to, 16 or 17 sectors. So everything from all utilities, water, power, but to finance, certainly banks, insurance companies, et cetera, government sectors. So that’s state, local, federal levels, all different levels of government. But then you can start talking about transportation. So clearly, airlines, trains. I mean, so really, all of the core physical infrastructure in society, and it’s actually a website that you can go to and just type in critical infrastructure, certainly USA. But in North America, there’s a very defined list and what’s covered and what’s not covered in the critical infrastructure.

Harisa Shahid: Thank you so much, Jack. Does this answer your question? Actually, we are running out of time. If you have any question, you can connect with our speakers Will that be OK? Thank you. Amir, do we have a, we can take, I think. only one more question from the off-site participants?

Muhamad Umair Ali: Yes, we can take one question. It’s for Dan. The question is from Ankita Rathi, and the question is, can you then please elaborate on the specific resilience strategies that the organizations should develop to recover from AI-driven attacks?

Daniel Lohrman: Absolutely. There’s a number of things people can think about. When you start thinking about threat intelligence, invest in AI-powered threat intelligence to detect and predict emerging attack patterns. Basically, fight AI with AI. Making sure that cyber attacks are moving faster than ever. You need to fight fire with fire almost is the mentality. You can also have red teaming and simulated attacks. Having tabletop exercises, AI augmented defense tools that allow you to respond very quickly. First of all, you need to know about these attacks that are happening and be able to respond very quickly. But I think overall, you really start with a good resilience strategy. Resilience is a very popular word in the US cybersecurity community right now. I think globally, it’s a hot word. You need to have a comprehensive incident response plan. If your critical infrastructure is attacked, whether that be the water, the utilities, the banks, you need to be aware of it. You need to be able to detect it, and you need to have all parts of your organization able to respond, not just from a technology perspective, but people, process, and technology. That means communication. It means working with all levels of, if your bank was hit, if your utility was hit, water supply was hit, everyone needs to know from the. the business side of things, to your clients, to your customers, what are the steps you’re going to take? How are you going to respond quickly? So once you detect that, being able to respond and recover quickly in a resilient way is really, really key, especially with the ransomware attacks that we’re seeing around the world right now. So hopefully that’s a short answer to a much longer question.

Muhamad Umair Ali: Yes, that was quite helpful. Thank you so much for that, Dan. I think that brings us towards the closure of the session. Any concluding remarks, Harisa? Or any photographic sessions?

Harisa Shahid: Yeah, I think we should have a photograph with all the online speakers and on-site speakers. So can you all please turn on your cameras? Jenna, can you do that? Should I stop sharing the screen?

Muhamad Umair Ali: I think it’s occupying quite a good part on the screen.

Harisa Shahid: Yeah, yeah, yeah, you can.

Agreement Points

Importance of international collaboration

Jacco-Pepijn Baljet

Daniel Lohrmann

Gyan Prakash Tripathi

Hafiz Muhammad Farooq

Exchange best practices and lessons learned through international forums

Establish public-private partnerships for knowledge transfer

Form regional knowledge-sharing and R&D blocks

Develop global standards and frameworks for AI in critical infrastructure

Speakers agreed on the crucial role of international collaboration in addressing cybersecurity challenges for critical infrastructure, emphasizing knowledge sharing, partnerships, and global standards development.

Need for capacity building in developing countries

Jenna Fung

Daniel Lohrmann

Hafiz Muhammad Farooq

Develop national strategies for tailored capacity building

Leverage online resources and regional educational opportunities

Implement tiered pricing models for AI security solutions

Lack of cybersecurity expertise, especially for industrial control systems

Speakers concurred on the importance of capacity building in developing countries, suggesting various strategies to address knowledge gaps and resource limitations in cybersecurity and AI.

Similar Viewpoints

Both speakers highlighted the challenges faced by developing countries in securing critical infrastructure due to resource limitations and outdated systems.

Hafiz Muhammad Farooq

Jacco-Pepijn Baljet

Legacy infrastructure creates vulnerabilities

Limited resources and budget constraints

Both speakers emphasized the need for strong governance frameworks and practices to ensure responsible development and deployment of AI-driven security solutions.

Daniel Lohrmann

Gyan Prakash Tripathi

Implement robust data governance and secure model development practices

Develop legal frameworks mandating transparency and human rights due diligence

Unexpected Consensus

AI as both a solution and a potential risk

Hafiz Muhammad Farooq

Daniel Lohrmann

AI can augment threat detection and response capabilities

AI systems themselves face risks like data poisoning and adversarial attacks

While speakers generally viewed AI positively for enhancing cybersecurity, there was an unexpected consensus on acknowledging the potential risks associated with AI systems themselves, highlighting the need for a balanced approach in AI implementation.

Overall Assessment

Summary

The speakers largely agreed on the importance of international collaboration, capacity building, and the need for robust governance frameworks in addressing cybersecurity challenges for critical infrastructure in developing countries. There was also a shared recognition of both the potential benefits and risks associated with AI in cybersecurity.

Consensus level

High level of consensus among speakers, suggesting a strong foundation for developing comprehensive strategies to enhance critical infrastructure security in developing countries using AI. This consensus implies that future initiatives in this area are likely to focus on collaborative efforts, knowledge sharing, and capacity building, while also addressing the ethical and security concerns associated with AI implementation.

Different Viewpoints

Approach to retaining cybersecurity talent

Hafiz Muhammad Farooq

Fernando (audience member)

Instead of retaining the talent locally, the the challenge is to produce the talent.

How to retain these talents in their country to continue their work

While Fernando raised concerns about retaining cybersecurity professionals in their home countries, Hafiz Muhammad Farooq suggested focusing on producing more talent rather than retention.

Unexpected Differences

Overall Assessment

summary

The main areas of disagreement were relatively minor and focused on different approaches to addressing similar challenges in cybersecurity and AI implementation in developing countries.

difference_level

The level of disagreement among the speakers was low. Most speakers presented complementary perspectives on the challenges and solutions for implementing AI in critical infrastructure security for developing countries. This low level of disagreement suggests a general consensus on the importance of international cooperation, capacity building, and addressing resource constraints in developing countries.

Partial Agreements

Both speakers agreed on the need for international collaboration, but Jacco-Pepijn Baljet emphasized sharing best practices through existing forums, while Hafiz Muhammad Farooq focused on developing new global standards specifically for AI in critical infrastructure.

Jacco-Pepijn Baljet

Hafiz Muhammad Farooq

Exchange best practices and lessons learned through international forums

Develop global standards and frameworks for AI in critical infrastructure

Both speakers agreed on the importance of knowledge transfer, but Jenna Fung emphasized individual-led learning through online resources, while Daniel Lohrmann focused on establishing formal public-private partnerships.

Jenna Fung

Daniel Lohrmann

Leverage online resources and regional educational opportunities

Establish public-private partnerships for knowledge transfer

Similar Viewpoints

Both speakers highlighted the challenges faced by developing countries in securing critical infrastructure due to resource limitations and outdated systems.

Hafiz Muhammad Farooq

Jacco-Pepijn Baljet

Legacy infrastructure creates vulnerabilities

Limited resources and budget constraints

Both speakers emphasized the need for strong governance frameworks and practices to ensure responsible development and deployment of AI-driven security solutions.

Daniel Lohrmann

Gyan Prakash Tripathi

Implement robust data governance and secure model development practices

Develop legal frameworks mandating transparency and human rights due diligence

Key Takeaways

Developing countries face significant challenges in securing critical infrastructure, including legacy systems, lack of expertise, and resource constraints.

AI can be leveraged to enhance critical infrastructure security, particularly for threat detection and response.

Capacity building and international cooperation are crucial for improving cybersecurity in developing countries.

A multi-stakeholder approach involving governments, private sector, and civil society is necessary to develop effective AI-powered security solutions.

Balancing security needs with privacy and ethical considerations is essential when implementing AI for critical infrastructure protection.

Resolutions and Action Items

Develop national strategies for tailored capacity building in cybersecurity and AI

Establish public-private partnerships for knowledge transfer and technology access

Work towards creating global standards and frameworks for AI in critical infrastructure security

Implement tiered pricing models for AI security solutions to ensure affordability for developing countries

Increase collaboration and knowledge sharing through international forums and regional partnerships

Unresolved Issues

Specific methods to retain cybersecurity talent in developing countries

Detailed strategies for balancing AI-driven security with privacy concerns in different national contexts

Concrete steps for developing countries to reduce dependence on foreign technology while maintaining digital sovereignty

Specific resilience strategies for organizations to recover from AI-driven attacks

Suggested Compromises

Balance global principles with local context when developing AI and cybersecurity policies

Adopt a risk-based approach to AI systems regulation to address both security needs and ethical concerns

Focus on producing more cybersecurity talent locally rather than solely trying to retain existing professionals

In the developing countries, especially MENA itself, the major challenge we have is in the area of critical infrastructure. I would say there are three major areas where we see there are issues. The area number one, I would say is the legacy infrastructures.

speaker

Hafiz Muhammad Farooq

reason

This comment provided a structured analysis of key challenges facing developing countries in securing critical infrastructure, introducing important context for the discussion.

impact

It set the stage for exploring specific issues like outdated systems, lack of expertise, and digital transformation challenges in developing regions. This framed much of the subsequent conversation around capacity building and resource allocation.

AI-driven attacks are actually spreading and broadening and deepening the attacks against critical infrastructure worldwide.

speaker

Daniel Lohrmann

reason

This highlighted the urgency of the issue by emphasizing how AI is being weaponized against critical infrastructure.

impact

It shifted the discussion to focus more on the immediate threats and need for AI-powered defenses, rather than just theoretical benefits of AI for security.

I think essentially, of course, like ideally, like you said, is that there should be a tailor-made national, like a tailor-made… strategies on how to do capacity building for people who implement or execute this kind of technologies in their works.

speaker

Jenna Fung

reason

This comment emphasized the need for localized, context-specific approaches to capacity building rather than one-size-fits-all solutions.

impact

It prompted more discussion about how to develop effective training strategies tailored to developing countries’ specific needs and constraints.

To address this, I suggest a three-pronged strategy that emphasizes legal safeguards, multi-stakeholder accountability, and capacity-building measures.

speaker

Gyan Prakash Tripathi

reason

This comment offered a comprehensive framework for addressing digital dependency issues in developing countries.

impact

It broadened the conversation beyond just technical solutions to include legal, governance, and capacity-building dimensions. This multifaceted approach influenced subsequent comments about international cooperation and policy development.

I think AI can help us in that. And I think it can actually be part of the solution to make solutions that are available, maybe in English, available in multiple languages around the world.

speaker

Daniel Lohrmann

reason

This comment highlighted a specific, practical application of AI to address language barriers in cybersecurity education and implementation.

impact

It shifted the tone to a more optimistic view of AI’s potential to solve some of the challenges discussed earlier, particularly around accessibility and localization of resources.

Overall Assessment

These key comments shaped the discussion by progressively broadening its scope from specific technical challenges to encompass policy, governance, and capacity-building dimensions. They highlighted the complexity of securing critical infrastructure in developing countries, emphasizing the need for tailored, multifaceted approaches that leverage AI while addressing its risks. The discussion evolved from identifying problems to proposing concrete strategies for international cooperation and localized implementation, ultimately presenting a more holistic view of the challenges and potential solutions in this domain.

How can developing countries form knowledge, R&D, and cooperative blocks to compound available resources?

speaker

Gyan Prakash Tripathi

explanation

This is important for developing long-term sovereignty and increasing collective bargaining power in technology partnerships.

How can AI help in making solutions available in multiple languages around the world?

speaker

Daniel Lohrmann

explanation

This is crucial for making AI-powered security solutions accessible and usable in diverse linguistic contexts, especially in developing countries.

How can we develop a global framework for incorporating AI in critical infrastructure security?

speaker

Hafiz Muhammad Farooq

explanation

A global framework is necessary to standardize the use of AI for cybersecurity of critical infrastructure across different countries and regions.

How can we improve inclusivity in international standard organizations for AI and cybersecurity?

speaker

Jacco-Pepijn Baljet

explanation

Improving inclusivity is important to ensure that developing countries can participate in setting global standards for AI in cybersecurity.

How can we increase the knowledge base and documentation for legacy systems in critical infrastructure?

speaker

Hafiz Muhammad Farooq

explanation

This is important for training new professionals and retaining expertise in managing and securing older critical infrastructure systems.