Agenda item 5: discussions on substantive issues contained in paragraph 1 of General Assembly resolution 75/240 part 6

Summary

This discussion focused on capacity building in the context of ICT security and international cooperation. Participants emphasized the critical importance of capacity building as a cross-cutting issue for enhancing global cybersecurity. Many countries shared their national initiatives and experiences in cyber capacity building, highlighting programs for training, awareness, and infrastructure development. There was broad agreement on the need to avoid duplication of efforts and leverage existing initiatives.

Several key proposals were discussed, including the establishment of a Global ICT Security Cooperation Portal, a needs-based capacity building catalog, and a UN voluntary fund for capacity building. Delegates expressed support for these ideas while emphasizing the need for further details on implementation. The importance of gender inclusivity and addressing the needs of developing countries was stressed by multiple speakers.

Participants also discussed the role of capacity building in the future permanent mechanism succeeding the Open-Ended Working Group. Many advocated for capacity building to be a central component of this mechanism. The chair emphasized the need to make concrete decisions on capacity building initiatives by July, including on the proposed portal, voluntary fund, and future high-level roundtables. Overall, there was strong consensus on the importance of sustainable, coordinated capacity building efforts to enhance global cybersecurity, with calls for action-oriented next steps.

Keypoints

Major discussion points:

– The need for a UN-led global portal on cybersecurity cooperation and capacity building

– Establishing a UN voluntary fund to support capacity building efforts

– Integrating gender perspectives and promoting women’s participation in cybersecurity

– Avoiding duplication of efforts and leveraging existing capacity building initiatives

– Taking concrete steps on capacity building by July 2025 for the future permanent mechanism

The overall purpose of the discussion was to review ongoing capacity building efforts in cybersecurity, identify gaps and needs, and determine concrete steps the UN can take to enhance and coordinate global capacity building initiatives.

The tone of the discussion was largely constructive and collaborative. There was broad agreement on the importance of capacity building and the need for UN-led coordination. The chair emphasized the urgency of making decisions by July, which added a sense of purpose and momentum to the discussion. Overall, the tone remained positive and action-oriented throughout.

Speakers

– Chair

– UNIDIR

– Rwanda

– European Union

– Tonga (on behalf of Pacific Islands Forum member states)

– Cuba

– Thailand

– Bangladesh

– Uruguay

– Bosnia and Herzegovina

– United Kingdom

– Cote D’Ivoire

– Nigeria

– Sri Lanka

– Qatar

– Russian Federation

– Albania

– Kingdom of the Netherlands

– South Africa

– Mexico

– Malawi

– Australia

– Egypt

– Czechia

– El Salvador

– Italy

– Estonia

– Republic of Korea

– Dominican Republic

– Latvia

– Paraguay

– Germany

– United States

– Colombia

Additional speakers:

– Kuwait (mentioned as presenting a proposal)

– Argentina (mentioned as delivering a statement on behalf of a group of countries)

– Under-Secretary-General and High Representative for Disarmament Affairs (mentioned as speaking at the opening session)

Expanded Summary of Discussion on ICT Security Capacity Building

The discussion focused on capacity building in the context of ICT security and international cooperation, with participants emphasizing its critical importance as a cross-cutting issue for enhancing global cybersecurity. The dialogue covered several key areas, including proposals for new initiatives, the role of capacity building in future mechanisms, and the need for inclusive and coordinated efforts.

Importance and Scope of Capacity Building

There was broad agreement on the fundamental importance of capacity building for ICT security. The European Union highlighted its cross-cutting nature across all areas of ICT security, while Thailand emphasized its essential role in implementing the UN Framework for Responsible State Behaviour. Bangladesh and Australia stressed its importance for developing countries to detect and respond to ICT threats and strengthen cyber resilience globally. Italy characterized capacity building as a cornerstone for promoting a peaceful and stable online environment.

UNIDIR Presentation on Capacity Building Activities

A significant portion of the discussion centered on UNIDIR’s presentation of their capacity building activities. UNIDIR outlined their various initiatives, including research projects, training programs, and tools designed to support member states in enhancing their cybersecurity capabilities. This presentation provided valuable context for the ongoing capacity building efforts within the UN system.

Proposed Global ICT Security Cooperation Portal

A major focus of the discussion was the proposed Global ICT Security Cooperation Portal. Thailand expressed support for developing a neutral, modular “one-stop shop” portal, while Sri Lanka emphasized the need for it to be accessible to all member states. The Russian Federation made detailed proposals for the portal, stressing the need for consensus-based agreement on its parameters. They suggested that the portal should contain agreed ICT terminology, not duplicate existing directories, and facilitate the sharing of national legislation on information security.

ASEAN supported integrating a needs-based capacity building catalogue into the portal, while the Dominican Republic stressed the importance of user-friendly access. Colombia proposed that the portal could include a voluntary list for the implementation of norms.

The United Kingdom called for greater involvement of non-governmental stakeholders in the portal’s development, while Czechia stressed the importance of leveraging existing initiatives to avoid duplication.

Kuwait’s Proposal for UN Platform on Norms

Kuwait proposed the establishment of a UN platform focused on norms of responsible state behavior in cyberspace. This proposal was mentioned and supported by several other speakers, highlighting its potential significance in the broader context of ICT security capacity building.

Establishment of UN Voluntary Fund for Capacity Building

The proposal to establish a UN Voluntary Fund for Capacity Building received support from several delegations. El Salvador backed studying the establishment of such a fund, while Albania suggested it should prioritize investments in advanced tools and training. The Dominican Republic emphasized the need for transparent rules on resource distribution.

South Africa supported the fund to assist developing countries, noting that it should accommodate the reality that developing countries are still building core capabilities. Germany stressed that the fund should be designed to avoid duplicating existing initiatives. The third APR highlighted the need for further study on the fund’s establishment and operational details.

Gender Inclusivity in Capacity Building

Multiple speakers stressed the importance of gender inclusivity in capacity building efforts. Paraguay called for promoting the participation and leadership of women in ICT decision-making, while Albania supported initiatives to empower women in cybersecurity. Sri Lanka emphasized the importance of gender-responsive capacity building efforts, and Mexico highlighted the need to address gender inequalities.

Several speakers mentioned the Women in International Security and Cyberspace Fellowship as a positive initiative promoting gender inclusivity in the field.

Regional Cooperation and National Initiatives

The value of regional initiatives in capacity building was highlighted by several speakers. Mexico mentioned the importance of regional initiatives like the CSIRT Americas Network, while Albania discussed efforts to strengthen cooperation within the Western Balkans. Australia noted the value of regional platforms like the Western Balkan Cyber Security Capability Center, and the Republic of Korea expressed support for regional cyber capacity building programmes in ASEAN.

Specific national capacity building initiatives were also discussed. Albania detailed its efforts to enhance cybersecurity education and training. Estonia shared its experiences in developing e-governance solutions and offering them to other countries. The Republic of Korea outlined its CAMP program for enhancing cybersecurity capabilities in developing countries.

Multi-stakeholder Engagement and Sustainability

There was broad consensus on the importance of multi-stakeholder engagement and sustainability in capacity building efforts. Italy called for a multi-stakeholder approach, while Nigeria highlighted the importance of public-private partnerships for funding. Colombia stressed the need to leverage expertise from the private sector, academia, and civil society. Multiple speakers emphasized the need for sustainable, long-term approaches to capacity building.

Capacity Building in Future Permanent Mechanism

Several speakers addressed the role of capacity building in the future permanent mechanism succeeding the Open-Ended Working Group. Thailand called for integrating capacity building as a core function of the future mechanism. The United States supported dedicated thematic groups on capacity building topics, while Latvia proposed establishing a UN Cyber Resilience Academy within the future mechanism. Germany stressed the importance of linking capacity building initiatives to the vision of the future mechanism.

High-Level Global Roundtable on ICT Security Capacity Building

Multiple speakers discussed the proposal for a high-level global roundtable on ICT security capacity building. This initiative was seen as a potential platform for sharing best practices, coordinating efforts, and advancing the global capacity building agenda.

Unresolved Issues and Next Steps

The chair emphasized the urgency of making concrete decisions on capacity building initiatives by July, including on the proposed portal, voluntary fund, and future high-level roundtables. The Secretariat will provide an advance copy of a report on the Global ICT Security Cooperation Portal and voluntary fund proposals before the 10th Substantive Session in February.

Several unresolved issues remain, including specific details on the structure and governance of the proposed portal, exact parameters of the voluntary fund, and how to effectively integrate existing capacity building initiatives without duplication. The timing and format of future high-level global roundtables on ICT security capacity building also require further discussion.

In conclusion, while there was strong consensus on the importance of sustainable, coordinated capacity building efforts to enhance global cybersecurity, the discussion highlighted the need for further deliberation on implementation details. The dialogue set the stage for action-oriented next steps, with a clear emphasis on making tangible progress by July 2025.

Chair: Good afternoon, distinguished delegates. The eighth meeting of the ninth substantive session of the Open-Ended Working Group on Security of and in the Use of ICTs is now called to order. We’ll continue our discussion under agenda item five relating to the topic of capacity building. We have a very long list of speakers, more than 40. And of course, capacity building is a very important issue to everyone, so we will have to listen to each other and listen to every delegation that has expressed its interest to speak. But I would, of course, encourage delegations to submit their fullest statement to the Secretariat to be posted on the OEWG website, and it will be greatly helpful if you could in some way summarize your statements so that it focuses on the most essential points for your delegation. So we will start with the first speaker as UNIDIR as part of that presentations that we wanted to make at the morning session. And then after that, we will go to European Union to be followed by Rwanda, and then the list goes on. UNIDIR, please. Microphone for UNIDIR, right at the back, please. Thank you.

UNIDIR: Thank you, Mr. Chair, for giving me the floor, and in the interest of time and respectful of the number of speakers that you have highlighted is very high, I’ve turned the presentation into a brief statement just to… to go over some of the key points that we wanted to make. First of all, I’d like to start by expressing our sincere gratitude to the almost 30 delegations that over the course of the week highlighted or took time in their statements to highlight the work that we’ve been conducting in support of the work of this group, whether it was the Cyber Policy Portal or the various cyber capacity building activities that we’ve been conducting. I think it’s your support and your vocal support for our activities is definitely the best impact that we could hope to achieve, and it also gives us an incentive to pursue and to continue doing what we’ve been doing so far. I wanted to take a couple of minutes just to present to you the outcomes of what we consider to be a very successful year for the Institute when it comes to the topic of cyber capacity building. We conducted, for the first time, a structured training that brought to Geneva 90 participants from 57 different countries from all around the world to basically go over all the different elements of the framework of responsible state behavior and really engage in deep dive conversations with a range of experts. It was a very successful course. We heard very good feedback about it. We’re always looking at ways to improve. But this for us was really the first time that we were offering, thanks to the support of the United States, we were able to offer this structured training that was really well appreciated and successful. We were hoping to continue to do this in the coming year, perhaps repeating the same sort of basic training for those that did not manage to come the first time, but also adding to our catalog of offering more deeper dives, more kind of level two or graduate level training for those that have already conducted the basic one. But in addition to bringing participants to Geneva for the training, we’ve really in 2024 been able to reach states at home, we have really increased the number of national, regional and sub-regional activities that we’ve been doing, and this is again thanks to the support of our generous donors, Australia, Canada, the United States again, that really allowed us to be more active across all regions of the world, from Latin America to Africa to the Asia-Pacific. I think this is an important step for UNIDIR as we are now in a position to offer more of these targeted bilateral or regional support, so please, if you are in need of our help, whether it is to go through the process of developing a national position on international law or whether you want to go over some of the best practices for the implementation of norms, we are here to help. Feel free to approach us and we will be very happy to discuss how we can be of help to you at the national or regional level. In addition, I think this year has been a year where we’ve piloted a number of different formats and all of them have been successful. I wanted to mention the Women in AI Fellowship that was an activity that was launched as a pilot phase in May of this year, kind of building on the success and the lessons learned of the Women in Cyber Fellowship, which continues to be a leading initiative in promoting gender equality within the context of the cyber negotiations. So this initiative will hopefully repeat next year. And as I said, it has been a learning year for us, but a learning year that has been really, really successful. I also wanted to mention an activity that we’ve conducted for the benefit of the Organization of American States was a week-long virtual training on AI and cyber that happened in September this year. So, again, multiple formats really trying to understand what are the needs of different communities and how we can meet these needs. Thanks to the support of all of our donors, which in addition to Australia, Canada, and the United States include also Czechia, the EU, France, Germany, Italy, the Netherlands, Norway, Singapore, Switzerland, and Microsoft, we were really able to deliver what we think has also been highlighted by many of you in the room as great value to this community and we look forward to continuing supporting all of you in 2025 and beyond. Thank you very much, Chair.

Chair: Thank you very much, UNIDIR, for the excellent work and, as you put it, it’s been a learning year for you at UNIDIR, but I think it has been a learning year for all of us collectively and we are in this learning exercise together because our goals are very much aligned and let’s work together in that same spirit. Thank you very much for that presentation, UNIDIR. Now, European Union to be followed by Rwanda.

European Union: Dear Mr. Chair, many thanks for the floor. I have the honour to speak on behalf of the European Union and its member states. The candidate countries North Macedonia, Montenegro, Serbia, Albania, Ukraine, the Republic of Moldova, Bosnia and Herzegovina, and Georgia, and the EFSA country Norway, member of the European Economic Area, as well as San Marino align themselves with this statement. The EU continues to emphasise that cyber capacity building is essential for promoting a peaceful and stable online environment, including by implementing the UN Framework for Responsible State Behaviour in Cyberspace. In this vein, capacity building is a cross-cutting issue, with links between capacity building and norms implementation, capacity building and the development of national positions in international law. capacity building and the implementation of CBMs, as well as the cooperation with stakeholders. In order to ensure security and stability in the cyber domain, capacity building is needed across the board. The EU has invested heavily in networks and tools to deliver targeted, coordinated and principled cyber capacity activities. For example, in 2019, the EU launched the EU Cyber Capacity Building Network, called EU CyberNet, as a platform for knowledge sharing aimed at strengthening the EU’s delivery of global cyber capacity building. A key feature is the EU Cyber Capacity Building Mapping Tool, which provides an overview of all EU-funded external cyber capacity building initiatives worldwide, along with various activities undertaken by EU member states. EU CyberNet also supports the global implementation of the EU’s external cyber initiatives by managing a pan-European expert pool of over 300 members, conducting training activities and providing a forum for experience sharing and mutual learning within the broader European stakeholder community involved in capacity building. The aim is to implement the logic of a virtuous cycle that would allow to draw collective lessons from the implementation of the normative framework. Mr. Chair, we welcome the progress made, as recently set out in the July’s consensus APR, and would like to encourage further dialogue on the concrete proposals, including the Trust Fund and the Global Cyber Security Cooperation Portal. The EU and its member states would welcome an opportunity to gain a clearer understanding of the functionalities, including in view of the future permanent mechanism. This work should be conducted between now and the end of the OEWG’s mandate to facilitate a smooth transition to the future mechanism. In particular, we would be interested to engage with specific initiatives, such as the proposed needs-based ICT security capacity building catalogue, to help states identify their capacity building needs, which should be integrated within the future permanent mechanism, as well as linked up to the Global Cyber ICT Security Cooperation Portal. Security Cooperation Portal. In our view, a UN portal could serve as a convening platform that facilitates the sharing of expertise, best practices, and capacity-building efforts, as well as other existing and related online platforms, enabling states to effectively implement the UN Framework for Responsible State Behavior in cyberspace. To build on the achievements at the UN to date, the possible development of the portal would need to incorporate and align with existing valuable resources. These resources include the Cyber Policy Portal developed by UNIDIR for information sharing and documentation, and or portals proposed by actors in the area of capacity-building, such as the CYBIL Portal, managed by the Global Forum of Cyber Expertise, that includes information about capacity-building needs, ongoing capacity-building projects, and assistance providers across the multi-stakeholder community. To make sure that synergies are identified and duplication is avoided, the EU would recommend that the discussion on the development and operationalization of the portal continues in the future mechanism to succeed the OEWG. Capacity-building is agreed to be one of the key functions of the future permanent mechanism. To reflect that capacity-building cuts across the issues of cybersecurity and advances the implementation of the normative framework for responsible state behavior, the facilitation of cybersecurity capacity-building within the future permanent mechanism should be a cyclical process. This should include, firstly, exchanging expertise and sharing best practices, secondly, identifying capacity-building needs, thirdly, matching needs with resources, and fourthly, informing the further development of common understandings of the normative framework for responsible state behavior. The EU sees a role for the UN to fulfill a coordinating function by enabling states to make optimal use of existing resources and potential future resources. In doing so, the future mechanism should take into account, promote and support the work of other existing fora engaged in cybersecurity capacity-building, inside and outside of the EU. including the World Bank Digital Trust Fund, the ITU programs, and regional organizations’ activities. The EU looks forward to working with all states to advance this objective, including via capacity building. Thank you, Mr. Chair.

Chair: Thank you, European Union. Tonga, on behalf of the Pacific Islands Forum. Sorry, Rwanda, and then followed by Tonga. Rwanda, please.

Rwanda: Chair, Rwanda congratulates you and the Secretariat for the pivotal role you have played in building consensus that led to the first committee’s adoption of a single resolution on ICT security for the first time since the works of the OEWG began in 2021. This achievement and continued efforts to ensure a smooth and seamless transition to the future permanent mechanism for ICT security signal that the confidence-building measures we have been working on for years are beginning to bear fruit. In your opening remarks, you rightly highlighted the additional layers of understanding that the discussions within the OEWG have achieved. From elaborating on existing and emerging cyber threats to intense negotiations on modalities for multi-stakeholder engagement, the OEWG has been a central platform in building the trust and cooperation we need for this final leg of the process. Rwanda’s delegation is encouraged to see that the exchange of knowledge and experiences facilitated by the OEWG, both in substantive sessions and sideline discussions, has increasingly complemented regional efforts that Member States are actively pursuing to enhance cyber resilience. For example, in October this year, Rwanda hosted the Africa Cyber Defence Forum for the second time, themed Safeguarding Africa’s Digital Infrastructure Against Emerging Technology Threats. This platform brought together experts as well as public and private sector stakeholders from around the world with one common objective. enhancing cyber resilience. The richness in discussions at this forum and similar platforms has proven to be a driver of actionable steps towards the protection of cyberspace, a shared responsibility. As many delegations have highlighted, cooperation, collaboration, and partnerships are critical for the impact we seek. Therefore, Rwanda calls on member states to further invest in platforms and initiatives that foster multi-stakeholder dialogue, enabling the sharing of best practices and resources across borders. Chair, ICT security capacity building for international security requires a deep understanding of the context-specific threat landscape through efforts such as cyber incident detection, mitigation, and response. This understanding is fundamental to the framework on responsible state behavior in cyberspace. Rwanda’s commitment to collaboration in this area is exemplified in the operations of the National Computer Security Incident Response Team, Rwanda CSIRT, which coordinates efforts for prevention, early detection, and response to cyber incidents. This team supports public and private sector organizations by raising awareness and providing timely alerts and recommendations. Rwanda also contributes to international cybersecurity forums as a member of the Forum on Incident Response and Security Teams, FIRST, and Africa CERT. These efforts were reflected in the recently published Global Cybersecurity Index by the International Telecommunication Union. This index ranked Rwanda in tier one for the proactive approach to addressing digital security challenges and its commitment to fostering a secure cyberspace. Going forward, cognizant of the ongoing need for robust cybersecurity measures to advance the digital transformation agenda, Rwanda makes the following recommendations. Firstly, Rwanda proposes that member states prioritize the establishment and enhancement. of National Computer Security Incident Response Teams and Computer Emergency Response Teams as vital components in addressing and mitigating cyber security threats. We call for the international community to provide technical and financial support to build capacity in these teams, especially in developing countries, to ensure effective incident management and cyber resilience. Secondly, Rwanda proposes that member states expedite the process of finalizing the structure and operational framework for the future permanent mechanism for ICT security. We emphasize that this mechanism should be inclusive, flexible, and capable of adapting to emerging cyber security challenges, ensuring that it effectively addresses the evolving threat landscape. Thirdly, Rwanda proposes an increase in multi-stakeholder engagement in the development of cyber security policies and initiatives. This includes fostering continuous dialogue between governments, the private sector, academia, and civil society. Additionally, we urge the international community to invest in global cyber security education programs, focusing on developing a skilled cyber security workforce and increasing awareness at all levels of society to tackle the growing cyber threat landscape. Finally, Chair, considering that our understanding of the cyber threat landscape depends heavily on the accurate interpretation of information generated by incident detection and response efforts at national, sector, and organizational levels, enhancing capacity and collaboration in this area is the one ingredient that international security in the digital era cannot do without. Considering that collective and collaborative effort is essential for ensuring security in cyberspace, Rwanda assures its full cooperation in building consensus during this final phase of the OEWG’s work and ensuring the smooth and seamless transition to the future permanent mechanism for ICT security. security. Thank you, Chair.

Chair: Thank you very much, Rwanda. Tonga, to be followed by Cuba.

Tonga: Thank you, Chair. I have the honour of speaking on behalf of the member states of the Pacific Islands Forum with a presence here in New York, namely Australia, Fiji, Kiribati, Federated States of Micronesia, Marshall Islands, Nauru, New Zealand, Palau, Papua New Guinea, Samoa, Solomon Islands, Tonga, Tuvalu and Vanuatu. The Pacific Islands Forum countries would like to offer our thanks to the Chair for your efforts to ensure that OEWG progresses its work and the prominence to which cyber capacity building has been afforded throughout our work. We are guided by the Pacific Leaders Security Vision set out in the Piketawa Declaration, the Boei Declaration, the Pacific Islands Forum 2050 Strategy for the Blue Pacific Continent, and the Pacific ICT Ministerial Declaration or Lagadoi Declaration endorsed at the 2023 Pacific ICT Ministers’ Dialogue. These instruments recognise the central role of cyber security to the Pacific family’s future peace, security and prosperity. We recognise the role that cyber capacity building has had and will continue to play to strengthen our region’s resilience. However, there is more work to be done. Across our region there have been efforts to support our CERTs, train our professional cyber workforce, putting through initiatives such as the Women in Cyber Fellowship to support greater participation in this open-ended working group and respond to cyber incidents. However, A key issue for the Pacific family is our limited cyber workforces, which can limit our capacity to absorb training and support. Therefore, coordination of cyber capacity building support is essential to ensure it is effective and avoids duplication. In aid of this goal, we have worked within our Pacific family to establish mechanisms and principles within our own region that implement our UN OEWG cyber capacity building principles. We believe that these efforts can serve as a model to others also implementing our OEWG capacity building principles. By way of example, the inaugural Partners in the Blue Pacific, Pacific Cyber Capacity Building and Coordination Conference, P4C, in 2023 identified five key themes for the future of cyber capacity building efforts in our region. One, Pacific leadership. The Pacific leading the co-design of cyber capacity building activities in the Pacific, for the Pacific, and in the Pacific way. Two, contextualized capacity building. One size does not fit all. A tailored needs-based approach is required for the cyber capacity building in the Pacific. It considers each country’s identified and chosen priorities in addition to unique cultural, economic, and geographical context. Three, improved Pacific cyber ecosystem. There is a need for better coordination between all stakeholders. We should be improving the way stakeholders work together to deliver results by dismantling silos, developing original framework, adopting a holistic approach. Enhancing trust and promoting knowledge sharing across all levels. 4. Embedded sustainability. Working to ensure that Pacific island countries are properly equipped to receive the right assistance and retain the capacity that is developed. Cyber capacity building should shift away from an ad hoc approach to longer term commitments that build resilience strategically and holistically. 5. Inclusive development. Adhering to the Pacific way of not leaving anyone behind, no matter the size of the economy. Each island is part of the Pacific family. Cyber capacity building must be mindful not to widen existing gaps in equality, taking a whole of society approach and incorporating more than just the technical aspects of cyber. In 2017, our Pacific family came together to establish the Pacific Cyber Security Operational Network, PACSEN, a platform for Pacific cyber professionals to coordinate, collaborate, train and exchange knowledge. PACSEN has significantly enhanced our region’s cyber readiness and resilience, reflecting the strength of regional cooperation. This network is committed to building a cyber-secure Pacific that reflects our shared values and priorities. We encourage other regions to consider how to interpret and implement our OEWG principles in a way that is context-specific and regionally appropriate, as the Pacific has done. These examples may offer us a useful focus as we consider advancing international cooperation to implement and build upon the capacity building principles within the open-ended working group. and a future regular institutional dialogue. We welcome efforts by yourself, Chair, and initiatives such as the High-Level Global Roundtable on Cyber Capacity Building to increase the prominence of this issue and work towards greater needs-based capacity building coordination. We also welcome the recognition within the Third Annual Progress Report, paragraph 55, of regional organizations and the role they can play within our work here at the UN. Finally, with the adoption of the Pact of the Future, our group looks forward to its implementation, in particular its annexes on global digital compact, where international collaboration and cooperation are key. With this, our group is grateful for the opportunity to lend its voice and perspective for your consideration of these issues. Thank you, Chair.

Chair: Thank you very much, Tonga. Cuba, to be followed by Thailand.

Cuba: Chair, as the delegation of a developing country, we firmly defend the establishment of capacity building. We are not in favor of the fact that actions for capacity building are limited to matters relating to the concepts of some as to how to apply international law or how to implement voluntary norms of responsible behavior. The enormous digital divide and the economic difficulties of developing countries places these countries in an asymmetric position, even in terms of preventing, detecting, and facing threats with regard to ICTs, which very often come from where there is more technological development. And at times they are used as a pretext to lead to future actions. We need to expand the traditional norms of capacity building, which are limited to an exchange of information and best practices. It has been shown that that is not enough to change the digital divide into opportunities. The United Nations has a key role to play. Global and regional initiatives must complement global efforts, and these must be available to all. Chair, you stated yesterday, you warned about the risks of maintaining the status quo. Favoring capacity building comes close to this on matters which not only have to do with cyber security. We need real commitments on the part of developed countries to provide to developing countries upon request, assistance and cooperation, including financial resources and transfers of technology, taking into account the specific needs of each beneficiary state. This has been a request of the Non-Aligned Movement since the previous group, reiterated by a broad majority of the delegations of developing countries in the framework of this group, and they have not found the right response. We need to put an end to all unilateral measures that limit access to collaborative development platforms and virtual learning methods, just to mention a few methods. We cannot speak of real capacity building when we still have retrograde and discriminatory practices. For all states to be able to detect and respond to the malicious uses of ICTs, we need inclusive and non-discriminatory access to knowledge. on ICTs. Our delegation has always insisted that measures or activities toward capacity building recommended by the OEWG must make possible access and closing the digital divide. Thank you.

Chair: Thank you. Cuba, Thailand, to be followed by Bangladesh.

Thailand: Mr. Chair, thank you for giving me the floor. Thailand regards capacity building as central to ensuring not only the participation by all states in the shaping of emerging technology governance, but also the development and utilization of new technologies in ways that are ethical, transparent, and conducive to maintaining international peace and security. In this regard, allow us to highlight three main points. First, Thailand reiterates our full support for the operationalization of the capacity building principles in line with the second APR and is committed to working with others in materializing various capacity building ideas and proposals outlined in the third APR. Thailand appreciates the support for the concept of the need-based ICT security capacity building catalog as proposed by ASEAN. We look forward to further elaborating on its integration into global ICT security cooperation and cybersecurity capacity building portal, GCSCP, to create a practical and neutral one-stop shop platform for capacity building cooperation. In response to the guiding question, our view is that the portal should incorporate a mechanism for continuous feedbacks to allow it to adapt responsively to evolving and changing capacity cybersecurity challenges. Moreover, Thailand also encourages the portal to engage with regional organizations such as ASEAN, including through the ASEAN-Singapore Cybersecurity Center of Excellence and the ASEAN-Japan Cybersecurity Capacity Building Center in Bangkok, to build partnership and foster localized efforts. Thailand envisions the high-level global roundtable on ICT security capacity building being held on a biennial basis to ensure inclusivity, we stress the need for a supporting mechanism that enables meaningful participation of developing countries in this important forum. Second, Thailand supports the establishment of a voluntary fund dedicated to capacity building in the field of cybersecurity. As a participant in the Women and the International Security and Cyberspace Fellowship Program, Thailand believes that the proposed fund should also promote gender-responsive capacity building programs. Third, and my final point, Thailand wishes to place on record that capacity building must be at the core of the work of a future permanent mechanism. The participation of the relevant stakeholders, including private sectors, in the mechanism is crucial to sharing knowledge, best practices, and know-how that could strengthen state’s capacity to address cybersecurity challenges. I thank you, Mr. Chair.

Chair: Thank you very much, Thailand. Bangladesh to be followed by Uruguay.

Bangladesh: Thank you, Mr. Chair. Bangladesh considers capacity building as the cornerstone of this OEWG’s mission and a critical enabler for all states, especially developing countries, to foster responsible state behavior in the use of ICT. Without robust and effective capacity building, the success of this group or the future permanent mechanism would be in jeopardy. To address some of your guiding questions, my delegation wishes to highlight three fundamental yet critically important areas of capacity building that are essential for states to detect, defend against, and respond to ICT-related threats. First, developing a skilled and capable workforce is essential for addressing ICT challenges. This includes fostering technical expertise in areas such as cybersecurity, forensic analysis, and incident response. To enhance readiness against evolving ICT threats, continuous upskilling of professionals and creating opportunities for ongoing learning are vital. In this regard, we propose the establishment of a mentorship program integrated to the Global ICT Security Cooperation Portal, where technical experts from the advanced countries can voluntarily mentor their counterparts in developing countries over the long term. Unlike one-off training sessions, this program would facilitate sustained expert-to-expert capacity building relationships, ensuring deeper knowledge transfer, and creating a robust foundation for long-term ICT resilience. Second, institutional strengthening is indispensable for effectively addressing ICT incidents, empowering and equipping national entities such as SARTs enhances their ability to act as first respondents. This involves bolstering operational capabilities, securing critical infrastructure, and promoting interagency collaboration for a comprehensive approach to cyber threats. To support these efforts, we propose the development of a centralized software repository where developing countries can access licensed software essential for tackling cyber threats. Such a repository would provide cost-effective solutions, enabling countries with limited resources to acquire the necessary tools for safeguarding their digital infrastructure and improving their security. Third, adopting a needs-based approach is crucial for tailoring capacity-building programs to the specific requirements of recipient states. Programs should prioritize assessing and addressing unique vulnerabilities and challenges, ensuring they are practical and effective. We thank QIAT for proposing the innovative idea of establishing capacity-building initiatives specifically dedicated to implementation of norms. We also thank UNIDIR for their excellent work in capacity-building. Chair, on inclusivity, Bangladesh advocates for mainstreaming gender-responsive strategies to empower women and girls in the digital domain. Special attention must be given to persons with disabilities to ensure their equal access. Additionally, as youth are the primary drivers of ICT development, it is essential to mentor and train them in responsible behavior for the use of ICTs. Empowering young minds with knowledge and ethical practices will not only enhance their contributions but also ensure a secure and sustainable digital future. Chair, before I conclude, I wish to take this opportunity to share, perhaps this is my last intervention in this group, because soon I will be leaving New York. It has been a distinct privilege for me to participate in almost all sessions of this group thus far. I wish every success of this group, and I hope to chair Far From New York with you on its grand success. I thank you.

Chair: Thank you very much, Bangladesh, for your statement, but also for all the work that you have done right from the beginning of this process. We very much appreciate the contributions of Bangladesh and also, in particular, your contribution. I think perhaps the chair of the OEWG, as well as the Future Mechanism, should be empowered to give certificates to every representative who exits the process so that we will create a very powerful alumni network of OEWG and Future Permanent Mechanism representatives because this is ultimately a community, a community of countries, but more powerfully a community of individuals with the commitment, the passion, and the ideas. And that, my friends, is what the United Nations is about because we all sit behind country name plates, but we are also individuals with ideas, initiatives, and individuals ultimately make a difference, can make a difference, and must make a difference. That is our exercise here, not just in the OEWG, but at the United Nations. So thank you to Bangladesh. Anyone else departing the process, please announce it. We’ll give you a round of applause as well so we can be even-handed. The applause is very generous. We just need to bring our two hands together. But it’s a way of also thanking everyone who has been involved. And I should take note as well that many new representatives have joined the process. We need fresh ideas. We need new energy, a fresh pair of eyes, everything to bring us forward, take a step forward. So thank you very much once again, Bangladesh. Uruguay to be followed by Bosnia and Herzegovina.

Uruguay: In my case, I am also departing. This is my last OEWG, so, Mr. Chair, I also support your excellent idea that we continue to build a relationship in this beautiful community in which we all play a part. First, my country wishes to join in the statement made by Argentina on behalf of a group of countries of Latin America and the Caribbean. Sir, for developing countries, the matter of capacity building is of special importance in our quest for resources, skills, and knowledge necessary to protect our population in cyberspace. We recognize that by capacity building, we will be able to strengthen our resilience and consolidate our cybersecurity systems. This is essential for sustainable development and protecting our citizens. It is imperative for all states to participate in a safe, effective, and significant manner in cyberspace, leveraging these opportunities for development. This entails implementing capacity building strengthening and efforts, taking into account existing and future digital divides. As we have said on other occasions, the technical capacities and the know-how of countries vary considerably. The persistence of the digital divide underscores the responsibility of the more developed nations to support developing countries through transfer of technology, the exchange of best practices, and cooperation. We also recognize the significant progress made in the formats of South-South and triangular cooperation, as we have stated. but it is essential to continue to work strengthening our north-south ties. Chair, the growing interconnection in cyber space presents challenges. Cyber security has become a priority for governments as well as for the private sector and society as a whole in this regard. Capacity building plays a fundamental role in protecting digital assets and the data of individuals. Uruguay supports the exchange of best practices among countries, the holding of joint simulation exercises such as cyber drills or tabletop, which help strengthen our capacities. These efforts go hand in hand with the development of educational programs to improve the skills of cyber security professionals, including analysts. Recently, Uruguay developed its national digital citizenship strategy together with UNESCO. This is an important step in our commitment to protecting human rights in the digital domain. We have also stated our national cyber security strategy, which reaffirms our determination to strengthen our capacities to meet the threats of cyber space. Chair, the establishment of a voluntary fund to strengthen existing initiatives and generate new ones in terms of capacity building must be implemented without delay. Debate should not hinder progress in this regard. ICTs and their malicious use constantly increases. This is urgent. The capacity building should be a central component of the future permanent framework. We welcome the initiatives carried out of this working group, such as the roundtable on capacity building. the establishment of a diplomatic and technical POC directory, and the future simulation exercise to be developed next year. However, the time has come to double our efforts on this pillar, and we think that a more thorough and technical discussion is warranted leading to sustainable and effective international cooperation given these threats. Thank you.

Chair: Thank you very much, Uruguay. Thank you also for your contribution and Urgoy’s consistent engagement in this process, and we also have to give you a round of applause, please. I hope that you in Bangladesh do not know something that I do not know. I hope you’re not jumping ship because we are entering a very crucial phase in our process, but I know that this is the nature of diplomatic life, that we are rotated out. Let me say that everyone else who is leaving the process, you will all be invited to the final session in July, because we are going to have a consensus adoption of the final progress report, and we need everyone here to make that happen, including the network of alumni who may have returned to capital. We want you back here in July. I will give the floor next to Bosnia and Herzegovina, only on the condition that she does not say she’s leaving the process. Bosnia and Herzegovina, you have the floor, please.

Bosnia and Herzegovina: Thank you, Mr. Chair. Actually, I don’t know. Let’s see. Hopefully, I will stay. Thank you, Mr. Chair. At the outset, I wish to emphasize the commitment of Bosnia and Herzegovina to the implementation of the United Nations Resolution 1325. on Women, Peace, Security, as well as to its follow-up resolutions. As they stress the equal participation and full involvement of women in the maintenance of peace and security, we wish to highlight the importance we attach to the full, equal, meaningful and effective participation of women at all levels of society and decision-making, including in the peace-building efforts. The cyber capacity is essential for promoting a peaceful and stable online environment, including by implementing the UN Framework for Responsible State Behaviour in Cyberspace and crucial for strengthening cyber diplomacy, cyber security and cyber resilience. Allow me to express appreciation of Bosnia-Herzegovina to the European Union and its Member States, the UNDP, the United States of America and the OSCE for their support to different highly important cyber capacity building projects and activities in Bosnia-Herzegovina. During the past three days, I’ve shared in each of the statements some information and activities that also pertain to cyber capacity building. For the sake of time saving, I will not reiterate them today, but rather share a few additional points in this regard. Firstly, this year’s Stalin Summer School on Cyber Diplomacy provided an excellent opportunity for Bosnia-Herzegovina to take an active part and have a panelist on one of the panels which was dedicated to cyber capacity building. It was a diplomatic priority in practice, but from the beneficiaries’ perspective. We have the opportunity to exchange on challenges, lessons learned and global and regional priorities with participants from different regions of the world. I’m looking forward to alumni program, which is planned by Italian for the next year. Secondly, we find it important to continuously participate in projects and training by the Western Balkans Cyber Capacity Center. Thirdly, as we intensify our efforts in cyber diplomacy capacity building, we are touching a great importance to promoting gender responsive capacity capacity building with the aim of raising awareness and promoting women empowerment. The Ministry of Foreign Affairs will soon hold one of its regular session of the Women Diplomats Network dedicated to the topic of women in cyber. For this substantive session of the OEWG, we have joined the Women in International Security and Cyberspace Fellowship designed to ensure higher and effective representation of women diplomats from all regions in United Nations cyber negotiations. Mr. Chair, I have shared yesterday that Bosnia-Herzegovina nominated diplomatic and technical point of contacts for the global POC directory. But what I did not mention at the time and what I wish to highlight today is that both of us are women. Furthermore, the same two women represent Bosnia-Herzegovina in the OSCE informal working group on ICTs. In the same way, I wish to commend today’s side event organized jointly by the Federal Republic of Germany and Australia on gender perspectives on cyber capacity building in the OEWG and beyond, and insightful interventions of the panelists. To conclude, as capacity building is a cross-cutting issue, and having in mind that it is an important part of the plan of action on future permanent mechanisms, We are looking forward to continuing to share and cooperate with other countries and multilateral organizations, especially with the view to supporting further capacity-building activities in Bosnia-Herzegovina, stressing at the same time the importance of sustained capacity-building. Thank you very much, Mr. Chair.

Chair: Thank you, Bosnia and Herzegovina, for your statement.

Cote D’Ivoire: Thank you, Chair, for giving me the floor. Mr. Chairman, capacity-building should not be viewed as an abstract concept. The experience in this working group has demonstrated that this issue is truly measurable through its manifestations and results. Thus, there’s a need to more systematically ensure that the principles of capacity-building are integrated into digital security, into programs and projects of cybercapacity-building, especially the principles of coordination, flexibility, adaptability, and sustainability. What’s more, my country welcomes the convening of the Global High-Level Roundtable on Capacity-Building, which was held on the 10th of May. We participated in that roundtable, and we support its institutionalization. The roundtable allowed, through the participation of practitioners, for an exchange of information and best practices geared toward capacity development that is focused on action. The development and the operationalization of the Global Portal on Cooperation and Capacity-Building for digital security must also be a priority undertaking. My delegation reiterates its commitment to a modular, one-stop-shop tool. one that is practical and neutral and aims to prioritize coordination and synergy with other similar initiatives. We are eagerly awaiting the proposal to – which will soon be presented to a number of states by the Secretariat for consideration by the working group in its next session. Cote d’Ivoire also supports the establishment of a capacity-building catalog, which would bring together the needs and facilitate knowledge about access to various cyber capacity programs. Integrating it into the Global Cooperation Portal would bolster its effectiveness. Furthermore, delivering on the ambitious goals in terms of capacity-building that we want to achieve hinges on adequate and sufficient financial resources. Hence, my delegation’s view that there’s a need to establish a Voluntary Contribution Fund as we looked toward the future permanent mechanism. Its role should be to further improve – contribute to further improving the participation of developing countries. This fund must necessarily take into account the issue of gender and promote the involvement of women in processes related to the use of digital – digital tools in the context of international security. From that standpoint, it would supplement other initiatives, such as the Women in International Security and Cyberspace Fellowship, which promotes the participation of female diplomats, in particular in the sessions of the OAWG. Thanks to that program and thanks to financing from Germany, for which we express our appreciation, two diplomats from Cote d’Ivoire had the opportunity for the first time to participate in these enlightening discussions on on current digital security challenges. This is why, in closing, my delegation wishes to extend its gratitude to the Federal Republic of Germany for its support, and we want to advocate for such projects to be expanded and to benefit more and more of our female colleagues whose contribution to digital security and its use can be useful and even crucial. I thank you.

Chair: Thank you very much, Cote d’Ivoire, for your statement. United Kingdom, to be followed by Nigeria.

United Kingdom: Chair, the UK recognises the importance of cybersecurity capacity building, which is why we’ve invested £114 million since 2021 to support partner nations to protect critical national infrastructure. In the context of this OEWG and the future mechanism, we should be striving for open and accessible information sharing for capacity building organisations and states. On this basis, we would prefer not to limit access to any future portal to UN member states only. As others have already mentioned, a UN portal should not duplicate the existing functions of the UNIDIR cyber policy portal nor the GFC civil portal. We also reiterate that any future UN fund should not duplicate the work already undertaken by regional organisations nor duplicate the remit of existing funds such as the World Bank Cyber Trust Fund. If designed improperly, we do see a risk that a UN fund could harm the existing cyber capacity building ecosystem by diverting funds or human resources away from established capacity building programmes. We look forward to further discussions of this proposal following UNODA’s report. Chair, you also asked about the Global Roundtable. The UK emphasises its support for this initiative and sees it as a promising vehicle for for capacity building. The UN’s unparalleled convening power can be a catalyst for capacity building action globally. In order to do so, we can build on the inaugural roundtable by bringing together capacity building practitioners from states and stakeholders, including businesses, non-governmental organizations, and academia on an annual basis. We suggest that recommendations from the dedicated thematic groups and the plenary meetings of the Future Mechanism form the basis of the global roundtable’s program. This would ensure that the UN continues to enhance its role in galvanizing the capacity building ecosystem, thereby minimizing the risk of duplicating existing delivery mechanisms. We hope the next roundtable will occur within the first year of the establishment of the Future Mechanism. Chair, copying the existing stakeholder modalities of the OEWG into the Future Mechanism runs the risk that the non-governmental and private sector organizations on which we rely for our cybersecurity are permanently shut out from giving their views here. Several capacity building organizations are routinely blocked from participating in sessions of the OEWG. This includes the Forum of Incident Response and Security Teams, commonly known as FIRST, which works to connect cyber incident response and security teams across 110 UN member states. The Global Forum on Cyber Expertise implements the UN Women in Cyber program, which is supporting 47 fellows to represent their nations at the OEWG this week. GFC carries out projects in Africa, Asia, the Pacific, and the Americas. Both of these organizations have been blocked consistently from sharing their experience in formal sessions. The diverse needs of states are best met by a diverse range of cyber capacity building organizations. Restricting this for political reasons is a needless hindrance to our discussions. At the same time, stakeholders should not have decision-making powers at the UN. This would not be appropriate. We believe Member States, including the UK, have made their views on this very clear. Finally, we thank Kuwait for their presentation, which we will study in further detail. Thank you.

Chair: Thank you very much, UK. Nigeria to be followed by Sri Lanka.

Nigeria: Thank you, Chair. My delegation would like to once again commend your stewardship and effort towards a balanced outcome document for the ongoing ninth session. Capacity building is an important tool in the cyberspace, and it is considered by Nigeria as a fundamental pillar of trust to bridge gaps between divergent capabilities in all fields of human endeavour. The same notion is applicable under the context of the open-ended working group, particularly in view of dynamic emerging technologies in the cyberspace. The emergence of modern technology is quite overwhelming, in the context of keeping up with its strengths and applicability in diverse sectors. New technologies such as artificial intelligence, blockchain technology, cloud computing, Internet of Things, machine learning, deepfakes, would alter the dynamics of future cyber threats and require continuous acquisition of technical knowledge to keep up with it. In order to bridge the vast digital gap between the countries of the northern and southern hemisphere, capacity building in cyber diplomacy is crucial, while technical knowledge in fields like forensic analysis, constant observation of new technology, intruder activities, and related trends would help identify future threats. Vulnerability assessments and penetration testing are equally crucial to aid early detection of intruders. This knowledge should be need-based. inclusive, transparent, and tailored towards integrating needs with indigenous knowledge for sustainability. The integration of modern technology with indigenous knowledge in recipient country will facilitate the ability to nurture a diverse and skilled capacity building workforce. This enables such states to easily defend their critical infrastructure, critical information infrastructure against cyber threats, and continue to contribute to the nation’s technical resilience as well as create cyber solutions of the future. Mr. Chair, the sustainability of capacity building is premised on a multi-stakeholder platform. This requires a government-led approach and coordinated effort from all stakeholders at various levels. Nigeria supports the view to strengthen coordination and cooperation between states and the private sector as well as non-governmental organizations and academia, noting that public-private partnership would aid funding mechanism for capacity building in developing countries. In line with my delegation’s commitment to gender equality, gender mainstreaming should be encouraged and integrated into our framework on cyberspace. It’s important to emphasize that women participation creates an ambience of fairness and equity, which also encourages diversity of views from a gender perspective when discussing cyber-related issues and its impact in our societies. We believe the promotion of gender equality in a capacity building program should be prioritized at all levels. Finally, Mr. Chair, Nigeria will continue to work with other parties to build a permanent mechanism for capacity building within the cyberspace context. I thank you for your kind attention.

Chair: Thank you very much, Nigeria, for your statement. Sri Lanka, to be followed by Qatar.

Sri Lanka: Mr. Chair, at the outset, I wish to refer to the remarks of the Under-Secretary-General and High Representative for Disarmament Affairs at the opening session on Monday, who highlighted that capacity building is a cross-cutting pillar. and that in the Pact for the Future adopted by consensus in September this year, Member States committed to enhance capacity building efforts to bridge the digital divide. Capacity building for ICT security in the context of international security involves enhancing technical infrastructure, improving human resources, strengthening international cooperation, developing legal and policy frameworks, and ensuring resilience against cyber threats. Therefore, we consider that capacity building should be considered as a cross-cutting issue during the work of this OEWG, as well as in the future permanent mechanism succeeding this mandate. In this regard, Sri Lanka wishes to highlight three significant developments adopted in the third APR that are of importance to my delegation. First, Sri Lanka welcomes the reference to the establishment of a UN voluntary fund to support capacity building efforts of states in securing the use of ICTs. We look forward to receiving from the UNODA an initial report outlining the proposals for the development and operationalization of this fund ahead of the 10th substantive session. Secondly, with regard to the Global Cybersecurity Cooperation Portal to be established under the UN, we reiterate that this portal should be neutral, Member State driven, and a modular one-stop shop for coordination between states on ICT issues. It is imperative that the portal needs to be flexible to evolve, responding to the needs of states in this sphere. Sri Lanka also supports the idea of integrating a needs-based ICT security capacity building catalogue to the GCSCP. Thirdly, Sri Lanka reiterates the call of the third APR to promote gender-responsive capacity building efforts, including the integration of a gender perspective into national ICT and capacity building policies. I join other delegations in applauding the Women in International Security and Cyberspace Fellowship. sponsored by the United Kingdom and other countries and the UNODA delegate sponsorship program as significant capacity building initiatives facilitating the participation of delegates from Sri Lanka. In conclusion, Mr. Chair, Sri Lanka wishes to highlight the need for continuity and sustainability of these capacity building initiatives beyond this OEWG mandate. Thank you.

Chair: Thank you very much, Sri Lanka, for your statement. Qatar to be followed by the Russian Federation.

Qatar: Thank you. First of all, we thank the chair of the OEWG on information and security technology. We will continue to support and cooperate with you as for the principles and practices of responsible behavior. We support the practical principles in this area. That includes Annex A, which sets out certain practical guidelines. A national strategy for cybersecurity has been implemented. Last month, Qatar unveiled its 2024 to 2030 strategy with five different principles – security, resilience, institutions. economic resilience, and prosperity. Also a cyber culture was another principle. And finally, cooperation and reliable data. As for confidence building measures, we have shared capacity building measures. And we did this in the context of the working group. Turning now to CBM number two in the context of our strategy, that is international cooperation and credible partnerships. And that’s also the fifth element of our strategy. Our country participated in the ministerial meeting of Gulf countries last month, and it supported this idea as well. Conferring efforts need to be made to reduce the gap in several areas having to do with security of ICTs. Leaders need to communicate with stakeholders in this regard. Now as for regular institutional dialogue on substantive issues, we have the following proposal. Engaging in dialogue in our working group while avoiding any duplication in the sessions to come. Human resources of certain delegations need to be strengthened going forward as well. As for the third annual progress report, it stressed, for example, the need for consensus. That’s what we’re aspiring to in the forthcoming sessions, and we must adhere to best practices in order to ensure that happens. Thank you.

Chair: Thank you very much. Qatar, Russian Federation, to be followed by Albania.

Russian Federation: Mr. Chair, one of the key tasks of the OEWG is to develop practically oriented proposals on capacity building for ICT security. According to the recommendations of the second report of the group, these measures need to meet the key needs of countries of the global south and the east to overcome the digital divide. They must be non-politicized and open in nature, and they must serve to uphold the principle of sovereign equality of states. We believe that it is unaccessible to curtail the access of countries to cutting-edge ICTs and to deepen their technological dependence on states that dominate this field, including through monopolization exercised by such states or exercised by private companies on the ICT market with the backing of such states. In principle, we support India’s idea to set up a global ICT security cooperation and capacity building portal within the UN. Russia has provided its input to the Secretariat’s forthcoming report on this issue. In our view, the main purpose of such a single-track universal electronic platform on international information security should be to serve as an official website of the successor to the OEWG, as well as to be a repository of information on developments and initiatives related to ICT security. There’s a need to ensure agreement of all parameters of the global portal within the OEWG or in the successor. We need to ensure agreement by states based on the principles of consensus. States must be given the leading role in determining the content of the online portal. The portal must contain terminology, ICT terminology, that is agreed by consensus within the OEWG. There’s a need to thoroughly consider the implementation of the idea of making a section of the portal on global intergovernmental POC directory. It’s important for this portal not to double, not to duplicate the POC’s directory. And on the whole, the portal must not contradict the activities of the POC directory. In order to avoid such an outcome, it would be reasonable to provide for shifting the POC directory online resource to the new platform. As for cooperation of the POC directory with POCs of regional and subregional organizations, it is of primary importance to rely on the POC’s directory as a universal mechanism. We believe that it’s unacceptable for the global portal to exchange information on incidents in the ICT environment. This step would be at variance with the basic principle for operation of the POC, which is the confidentiality of data. Disclosing data under the pretext of helping states stave off threats to the ICT infrastructure could be used as a way to level baseless politically motivated accusations against various states. Such assistance may also encroach on the remit of agencies that are not designated in the POC. What is technologically complex would be guaranteeing the protection of data on the closed part of the portal. We think it would be useful to use the global portal to render assistance to developing countries in the area of security in the use of ICTs. It’s important to provide for the ability to share national legislation in the area of informational security. The full text of Russia’s input on the GP can be found on the site of the OEWG. There is strong demand for the practice of holding high-level roundtables on capacity building further to the chair’s initiative. In national efforts in this area, we are guided by the principle of the respect for the sovereignty of states in compliance with their national legislation. The main thrust of our efforts is focused on a key aspect of assistance in strengthening ICT security, namely training of personnel in information security. Russian universities, including educational institutions of the competent authorities, train, sometimes free of charge, several thousand students from the states of Asia, Africa, the Middle East, and Latin America. We provide them with higher education programs, additional professional education, and continuing education courses. These specialties include information and computer security, methods of detecting and countering cyberattacks. computer network attacks in open information systems, methods and techniques of protecting information from unauthorized access, collecting open source data, countering crime in the area of computer information, also techniques for investigating ICT crimes, and international cooperation in this area, and computer forensics. We’re prepared to take on any applications from foreign partners that are interested. Every year, Russia organizes a whole range of international events. These are dedicated to providing assistance to developing countries in international information security. In coordination with the private sector, we invite foreign partners to participate. Recent meetings include our Kuban CSC conference on information security, the International Forum Partnership of States, Business, and Civil Society in Ensuring International Information Security, and others. We regularly carry out cyber exercises with developing countries. We note what took place in May of 2024 in Nizhny Novgorod, namely the International Cyber Championship on Information Security under the auspices of our annual conference, Digital Industry of Industrial Russia. We invite the representatives of all member states to participate. Allow me now to deliver a statement by the representative of the Ministry of Education and Science of Russia on international information security. Good afternoon, Chair, and distinguished colleagues. Under conditions of geopolitical competition, there is apprehension about the use by certain states of their technological domination to monopolize the market of ICT technologies, to curtail access to those technologies, and also to deepen technological dependence. In this regard, one effective means of overcoming informational inequality is building international cooperation in the area of personnel training, national personnel training. The Russian Federation has laid the necessary groundwork to ensure high-quality education with educational programs on information security. As of today, in our country, there are roughly 22,000 citizens studying in specialties that have to do with informational security. One-tenth of them are foreign citizens. Once prepared by Russian universities, these high-quality specialists return home and make a substantial contribution toward ensuring national digital sovereignty, and they help protect critical infrastructure and develop the economies of their countries. What’s more, these foreign citizens have the opportunity to study free of charge in our universities based on a quota of the government of the Russian Federation. And this year, 30,000 spots were allocated, and we are planning to continue this practice going forward. Next year, in addition to the quota mechanism, we will provide grant support to talented students. Practically speaking, we’re talking about roughly 2,000 grants. These will include covering the costs for flights, for residence, for living expenses, for health insurance, and a scholarship. The number of grants will improve every year, and by 2029. This figure will reach 10,000. And some of these students are selected through Olympiads as well. One of those Olympiads is the International Olympiad Open Doors, which includes an area known as computerized science and data science. Over the seven years of that Olympiad, 300,000 young people have participated in it from over 190 countries of the world. Nearly 6,000 people gained the right to study free of charge in the best Russian universities. Furthermore, since 2018, Russia has been carrying out the International Olympiad, which is specifically for informational security. It’s called the Annopolis Open. It is available for Russian and foreign school pupils. Those who win it or are the runners-up receive the right to enroll in over 90 Russian higher education institutions without taking an exam. In addition, they have the claim to a monthly presidential grant as long as they’re studying in these universities. Considering our existing capacity, we express our readiness to engage in mutually beneficial cooperation with interested specialized agencies of foreign countries on a broad range of issues that have to do with the training of foreign specialists in Russian universities when it comes to information security. Mr. Chair, we also trust that the future negotiation mechanism at the UN on international information security will include a discussion of topical issues that have to do with training personnel in this area. I thank you.

Chair: Thank you very much, Russian Federation, for your statement. Albania to be followed by the Netherlands.

Albania: Albania recognizes the capacity building has an essential role in addressing emerging cyber threats and strengthening cyber security resilience. Accordingly, it has made significant progress in capacity building initiatives. At the national level, Albania has focused on capacity building in order to enhance the ability of institution individuals to defend against the response to cyber threats. The National Cyber Security Authority is focused on both human and technological capabilities, implementing many activities in line with its strategic policies and plans. During my statement on CBMs, I talked about a number of international events organized in Albania. On top of all those conferences and trainings internationally, during 2024 National Cyber Security Authority conducted over 35 training sessions, cyber drills, webinars, and cyber hygiene sections and awarded certification for over 5,000 participants. Those trainings included training operators of critical of important information infrastructures, public administration, employees, teachers, and university students. Cyber hygiene training and webinars have engaged diverse audiences, which were publicly available, raising awareness about cyber security threats and best protection practices across society. The goal is to create a safer and more inclusive cyberspace, not only for operators of critical and important infrastructures and public administration, but for all groups of society. So far, we have realized training for one third of universities in Albania. We are working with vulnerable and underrepresented groups, women, the Roma community, LGBTQI plus individuals, people with Down syndrome. vision-impaired people, et cetera, but by addressing their specific challenges and equipping them with the knowledge and tools to mitigate cyber risks and navigate the digital world with confidence. In addition, we are working not only in raising awareness, but also protection of children online. We have held weekly section of training and awareness with schools around the country, and we are holding training for teachers of students of all ages, have trained all security officers in 200 schools around the country. Our portal offers the opportunity for children to report, raising the number of reportings for this year over 200 compared to the previous year. I want to note also the work that Albania is doing with the goal to reduce the gender gap in cyber security in the country by encouraging and supporting women to pursue careers in the growing field through education, mentorship, and advocacy. During this year, we have initiated workshops only with participation of student and young women in order to inspire and engage more of them to enter the cyber security field. During the event, we have showcased the achievement of women in cyber security to challenge stereotypes, increase visibility, and inspire future generation of women to pursue tech careers. During the day of workshop, we have also offered training programs in order to equip women with the technical and professional skills needed to succeed in the field of cyber security. We are working with local businesses and organizations and institutions to implement policies and practices that promote gender equality and create supportive, inclusive environment for women in cyber security roles. When we organized a youth cyber camp in the region, we asked participants countries in the region to select at least 5% of the team to be women, and this is how we managed to ask and have gender parity in the participation. We are open to join any UN initiative which results in more women in fields of cyber security. Albania has facilitated the participation of numerous cyber security experts in training programs offered by international organizations and partners. The international support has made possible not only raising our capacities in the country, but making possible for us to be part of international forums and being part of meetings like the Open-Ended Working Group as part of a Women in Cyber program, UN-Singapore Cyber Fellowship, UN-UNIDIR norms, international law and cyberspace, and EU cyber forums, to mention only a few of them. Albania has also invested in technological capabilities to strengthen its cyber security protection. The national SOC operating 24-7 has been equipped with advanced tools for real-time threat detection and responses. This has increased monitoring coverage of reduced false positive alerts and significantly enhanced Albania’s ability to protect critical information infrastructures, because we have been also training everyone who has been working in those centers. The new loan cyber security, which was adopted in May according to the NIS2 directive, led to preparation of the risk assessment methodology, cyber incident and crisis management procedure, the methodology for the identification of operators of critical and important information infrastructures, development of a number of playbooks, the work for a new strategy on cyber security, and many more. Those steps have further reinforced the policy framework needed to enhance cyber security. in critical sectors and manage cyber risk and incidents exclusively, thus enabling us to adjust our capabilities accordingly. Albania has taken a role in promoting collaboration within the Western Balkans on capacity building on cyber security. Various events have contributed to building trust, as well as improving cyber security knowledge, skills and policy frameworks aligned with international standards. Additionally, the National Cyber Security Authority has partnered with international organizations to facilitate technical workshops for regional cyber security authorities and has also made efforts to empower youth in cyber security. Regional cooperation has also been strengthened through the regular sharing of indicators of compromise and monthly online event where CERTs engage best practices and addresses challenges on various cyber security topics. Those efforts underscore Albania’s commitment to building regional capabilities and strengthening cooperation on shared cyber security challenges. The mapping exercise conducted by the UN Secretariat provided valuable insight into global and regional initiatives and highlighted strengths on some of them as regional initiatives like the Western Balkan Cyber Security Capability Center, which fosters collaboration and provides training with the regional benefits, Albania also benefiting of this. They also emphasize the platform such Cyber Portal, which enhanced accessibility by consolidating resources, sharing best practices and providing comprehensive overviews on ICT capability building project. However, as the gaps persist, including disparities in resources between states and the limited integration of gender sensitive approaches, Albania advocates for tailored programs. that address these gaps, promote inclusivity and foster international collaboration. To enhance the technological capability, Albania also supports the idea of the establishment of the United Nations Voluntary Fund to bluster ICT security capacity building efforts. Such a fund should put priority on investments in advanced tools and training for their development, ensuring efficiency use of resources and strengthening cyber resilience globally. As for the future, in order to reach a safer cyber ecosystem, our focus in Albania is on attracting and nurturing cyber security talent, empowering women in cyber security, citizen-centered online safety measures, capacity building for critical and important infrastructures, increase of public awareness, develop regional and international cooperation. We are ready to join any UN initiatives on those topics. Before closing, Albania wishes to express its gratitude to the United States of America, EU and the member states, the Netherlands, Germany, UN, OSCE, ITU, UNDP, RCC and a number of organizations, mentioning a few as EGA, GFC, DCAF, CRDF Global for their unwavering support in advancing our capacity building initiatives and filling our gaps. Those have been instrumental in strengthening our cyber security domain. Albania remains committed to advancing inclusive and innovative capacity building efforts, fostering partnership and addressing emerging challenges to build a secure, stable and cooperative digital environment for all. Thank you, Chair.

Chair: Thank you very much, Albania. Netherlands, Kingdom of the Netherlands, followed by South Africa.

Kingdom of the Netherlands: Thank you, Chair, for giving me the floor. Allying with the European Union, I would like to make the following points. Chair, cyber capacity building remains essential for advancing responsible state behavior in cyberspace. Effective and needs-driven capacity building helps bridge capacity building gaps, foster trust, and enhance resilience across the global cyber ecosystem. My delegation commends UNODA for the comprehensive mapping exercise shared in January this year, which offers the breadth of capacity building initiative by both states and stakeholders. Indeed, the report highlights the diversity of actors involved, from UN organizations to governments offering technical assistance, the technical community providing expertise, and platforms that coordinate these efforts. It underscores the richness of the cyber capacity building ecosystem and showcases the many examples of action-oriented capacity building initiatives. Chair, on the global IST security cooperation and capacity building portal, the Netherlands continues to be open to considering the establishment of a practical tool that provides easy access to information related to the work of the open-ended working group or the future mechanism. In our view, the portal could facilitate the sharing of documents, initiatives, and resources relevant to our work. As recommended in paragraph 52 of the third APR, the initial report would take into consideration related initiatives with a view to optimizing synergies and avoiding duplication. It also notes that the portal is to leverage the work done in existing portals, of which the Netherlands considers the UNIDIR cyber policy portal and a GFC cyber portal to be useful examples. These portals host extensive information on state cyber policies, strategies, and capacity building initiatives that could be of great value to member states in their efforts to advance cyber capacity building and bridge the digital divide. Chair, inclusivity is key to ensuring the impact and sustainability of our work. We do note that the proposal for a trust fund requires careful consideration to make sure it will be effective and efficient. Defining a clear scope centered on supporting the work of the future mechanism would be crucial for its success and sustainability. On the future permanent mechanism, capacity building is clearly defined in Annex C of the third APR as one of its functions. As mentioned by Sri Lanka, the Netherlands believes that cyber capacity building should cut across the mandate of the new mechanism, as it supports the implementation of all existing and future initiatives. We see a lot of opportunity to integrate existing initiatives, for example the high level global roundtable on ICT security capacity building into a future mechanism, and we look forward to further discuss this under the agenda item of regular institutional dialogue. Lastly, responding to your question on what more we can do to support and facilitate the mainstreaming of the agreed capacity building principles, I would like to point to the report published by Chatham House on a principle-based approach to cyber capacity building. The report offers concrete recommendations on how to implement the cyber capacity building principles in designing, implementing and evaluating capacity building programs. And, Chair, I want to end my statement by noting that in this ninth session of the Open Ended Working Group, there are 47 Women in Cyber Fellows participating, representing 42 different member states, which is the largest group the Fellowship has supported thus far. We greatly value the various contributions reflecting different perspectives or providing that fresh pair of eyes that you mentioned before. This fosters a more inclusive, rich, and impactful discussions. I thank you, Chair.

Chair: Thank you very much, Netherlands, and apologies that you were cut off. Now, friends, we have about 40 speakers, and it’s a quarter to five. I do not want to cut off anyone, so I’m prepared to stay for as long as it is needed. And this is our initial, very first session of this final cycle, so I think it’s really important that we put every idea on the table, give everyone an opportunity to put the abuse on the table and express the abuse, because that is also very much the spirit of the OEWG. So it’s not for me to cut off the microphone, but I would also once again urge each one of you to reflect on your own priorities in terms of the statements or individual statements so that we give everyone a chance. That too is part of being a community, that we exercise some prioritization and use the option of submitting your statements and to put it on the website so that everyone can share the information and have that information. And I think this is a happy problem in some ways because obviously there’s a lot to be said because a lot is happening in your own countries and you like to share that and you put in a lot of work and you would like that to be known. That’s perfectly understandable. As we go into the future permanent mechanism, more and more things will be done in each of your countries and more and more things need to be said. But we are going to have less and less time for all the more and more things that you are doing. So this is going to be a recurring happy situation. But that means that we have to come back and give everyone a chance. If you’d like to read your entire statement, I can’t stop you and I’m not going to stop any one of you. We’ll just go through the agenda and on Friday 6 p.m. we’ll stop where we stopped. And there’s a risk that we will not get to some of the agenda items, especially regular institutional dialogue which all of you have said it’s very important. In fact, the most important priority for this year. But everything is a priority and therefore I can’t say let’s reverse the order of discussion because the work program is also part of a careful political balance that we have adopted from the very first substantive session. We are into our ninth substantive session. So I leave this responsibility on your shoulders in terms of how much time you think is necessary for you to put forward your national positions. It’s not for me as chair to say you have X number of minutes and your microphones will be cut off. That is not my intention, certainly not at this very first session. So I urge each one of you to be fair to each other and to give each other the opportunity. And to, once again, I urge each one of you to prioritize your key points so that delegations can understand what your key priorities are. Of course, everything is a priority, but help, I invite each one of you to help each other understand your key priorities on this very important issue of capacity building. So we have 40 speakers. At this rate, we will finish on Friday afternoon the question of capacity building. And then that leaves us in a situation where we will not be able to get to regular institutional dialogue. So I’m not going to hurry you at all, because you are a community of nations, and all of you are very responsible representatives and responsible members of this community. So I leave that responsibility squarely with you. And we continue with the rest of the speakers. South Africa, to be followed by Mexico.

South Africa: Thank you, Chair. South Africa, like many other delegations, recognizes the link between capacity building and other areas of the framework of responsible state behavior in the use of ICTs as reflected in the third APR. In line with paragraph 56 of the final substantive report of the first OEWG, we stress that capacity building activities should be targeted, needs-driven, context-specific, evidence-based, politically neutral, transparent, and without conditions, turning to the question on how to further develop the concept of needs-based ICT security capacity building catalog. South Africa proposes that member states, on a voluntary basis, could assess and submit their specific needs. taking into account the evolving threat landscape, technical expertise they require, and the necessary cyber security skills to effectively mitigate cyber risks. We submit that the UN should be the central repository for the cyber capacity needs and initiatives. To facilitate this self-assessment by Member States, we will need a global agenda that sets, amongst others, baseline levels of capacity and priorities. It is true that we do not have unlimited resources for all our capacity building needs, hence the need for prioritization for concrete outcomes, maximum impact, and benefits at national, regional, and international levels. For sustainability, we wish to emphasize the importance of prioritizing train-the-trainer programs. This takes us to the issue of voluntary fund recommended in paragraph 54 of the third APR. One of the barriers of cyber capacity building is the lack of adequate investment and funding. Many developing countries struggle with funding, making it difficult to prioritize ICT security capacity building. Based on this, South Africa supports the establishment of a cyber capacity building voluntary fund. The establishment and operationalization of this voluntary fund should consider that developing countries are still building their core capacity capabilities. Thus, the operational modalities of the fund should accommodate this reality. Some of the key elements of the voluntary fund could include clear objectives and purpose, scope, governance structures, operational modalities, and eligibility. to receive financial assistance from the fund. In conclusion, Chair, South Africa is committed to building ICT security capabilities to contribute towards a secure and resilient cyberspace. Thank you.

Chair: Thank you very much, South Africa. Thank you also for being succinct and brief. You took three minutes and 16 seconds. I think that could be a reasonable norm that we can all aspire to. I give the floor now to Mexico to be followed by Malawi.

Mexico: Muchas gracias. Thank you very much, Chair. Mexico joins in the statement made by Argentina on behalf of a group of countries from the region. And thanks, Kuwait, the Secretariat, and UNIDIR for their statements. My country values the results of the mapping exercise held in January 24, which allowed us to identify and consolidate existing efforts and has emphasized the importance of platforms, including the civil portal of the GFCE. We appreciate progress in the framework of regional cooperation, especially the CSIRT Americas Network of the OAS, which has established an effective model of standardized protocols and incident response coordination. However, we must address persistent gaps, especially those affecting developing countries, as well as digital and gender inequalities. Future efforts must be designed on the basis of the real needs of the countries that receive cooperation to ensure that capacity development initiatives are truly effective and relevant. Mexico’s experience in standardizing incident response and its active participation in networks like CSIRT Americas could be considered a valuable lesson for the global strengthening of cyber capacities. We also underscore the importance of implementing a regular monitoring system and using metrics to assess progress and adapt our strategies to emerging threats. Mr. Chairman, Mexico suggests that the future permanent dialogue mechanism include a global portal which not only centralizes resources but also allows for notices in real time. This will not only facilitate the continuous and effective monitoring of capacity development but would also promote a more active participation of states, guaranteeing constant and accessible update for all participants. In Mexico’s view, it is vital for the proposals discussed on the development of cyber capacities may be action-oriented. This space should be adapted to respond to the priorities of developing countries and regions with the greatest gaps as well as the constant changes that happen in technology. Chair, to support countries, we believe that the coming high-level global roundtable on capacity development could ideally be convened in parallel with important landmarks of the governance of cyber security. In this regard, we suggest that you consider that this roundtable take place in the framework of the second roundtable. Global Conference on Capacity Development of the GFCE, which will take place in May 2025 in Geneva. Thank you.

Chair: Thank you very much, Mexico, for your statement, and just three minutes and 40 seconds. That’s good. Malawi to be followed by Australia, and no pressure at all.

Malawi: Thank you so much, Chair. I will try my best to be as brief as possible. I’m honoured to address the working group on behalf of my delegation. Mr Chairman, I would like to shed light on a critical reality that many delegations, especially from developing countries like mine, face. The harsh truth is that capacity building in cyber security is a daunting task that requires significant resources, expertise and investment. For countries with limited budgets and competing priorities, it is a challenge to allocate the necessary funds to develop the specialised skills and infrastructure needs to effectively prevent, detect and respond to cyber threats. This is not just a matter of resource constraints, but also a question of opportunity costs. Every dollar spent on cyber security is a dollar that could have been spent on other pressing development needs. Therefore, it is imperative that we prioritise international co-operation and assistance in this area, and explore innovative solutions that can help bridge the capacity gap and ensure that assistance in this area, and explore innovative solutions that can help bridge the capacity gap. As we strive to build capacity in cyber security, my delegation is adamant that gender inclusivity is not just a moral imperative, but a strategic necessity. We must harness the talents of women and girls to address the complex challenges in this field. That’s why, just like other delegations, support initiatives like HireCyberTracks by the German government, Women in Cyber by ITU, and Women in International Security and Cyberspace Fellowship by the GFCE, which are bridging the gender gap in cyber security. In Malawi, we are leading by example with our annual Women in Cyber conference and internship program with the National CERT. Notably, Malawi is also serving as the vice chair of the SADC regional computer incident response team task force. This regional leadership role has enabled us to collaborate with other SADC member states to promote regional cooperation and coordination on cyber security issues with emphasis on capacity building. In this context, we would like to highlight a few key points. Firstly, we emphasize the need for a coordinated and inclusive approach for capacity building. This should involve the active participation of all stakeholders, including governments, private sector entities, civil society, and international organizations, as stated in the 2020 UN Group of Governmental Experts report. Secondly, we stress the importance of tailoring capacity building initiatives to the specific needs and challenges of each country. This requires a nuanced understanding of the unique circumstances and requirements of each nation, as well as a willingness to adapt and evolve over time. Thirdly, we believe that capacity building initiatives should prioritize the development of sustainable and long-term solutions. This involves investment in human capital, institutional capacity, and infrastructure, rather than relying on short-term fixes or band-aid solutions. The World Bank has emphasized the importance of building institutional capacity. In the context of cyber security, highlighting the need for strong institutional protections, laws and regulations to support effective capacity building. In the context of Malawi, we have been actively engaged in various capacity building initiatives to strengthen our cyber security capabilities. For example, we have established a national cyber security team which brings together stakeholders from government, private sector and civil society to coordinate our national cyber security efforts. We have awareness and outreach programs throughout the year on cyber hygiene and cyber security through the Malawi Communications Regulatory Authority throughout the year. In addition, through a partnership with the UK government, deployed the GetSafe online platform as well as gotten on board ambassadors for national icons to spread awareness on cyber hygiene and after being trained. In addition to the same, to push the capacity building initiative, we have outreach programs specifically targeting children through which trainer of trainers capacity is being built all year round to raise awareness. Our child online protection initiatives are being supported by the First Lady’s office through which she was appointed as a child online protection ambassador. We have developed a national cyber security strategy which outlines our visions, goals and objectives for promoting cyber security in Malawi. We have established a cyber security incident response team which provides 24-7 support for responding to and managing cyber security incidents. We have partnered with international organizations such as the ITU to receive technical assistance and support our cyber security capacity building efforts. We have also established a cyber security training program. We have also established a cyber security training program which provides training and capacity building for our law enforcement agencies, other stakeholders on cyber security related issues. Officials from the Malawi Defence Force and National Intelligence Service get to be attached at the national CERT for a specified time. This has been very helpful in regards to establishing sector CERTs in the country. These are just a few of the examples of the capacity building initiatives we have undertaken in Malawi. We believe that these efforts have helped to strengthen our cyber security capabilities and promote a culture of cyber security awareness in our country. In conclusion, my delegation believes that capacity building is a critical component of our collective efforts to promote peaceful and secure use of ICTs. We look forward to continuing this discussion and exploring ways to strengthen international cooperation and assistance in this area. Thank you, Chair.

Chair: Thank you. Malawi, Australia, to be followed by Egypt.

Australia: Thank you, Chair. Australia is extremely pleased to align with the statement delivered by Tonga on behalf of the 14 Pacific Islands Forum member states with a presence here in New York on such a crucial issue for our Pacific family. We make the following remarks in our national capacity. Chair, I heed your warning on timing, so I will keep my remarks limited. Australia remains committed to bringing further discussion on cyber capacity building efforts to our OEWG, but also into our future mechanism. The Australian national delegation for this session, in fact, includes two cyber capacity building implementer partners as their own attendance was unfortunately and unnecessarily vetoed. These are important voices that have not been permitted to be heard within this OEWG. Australia has also hosted a number of side events drawing on our regional cyber capacity building work this session, including one today at lunch co-hosted with Germany on the important topic of gender perspectives on cyber capacity building at the OEWG and beyond. My German colleagues will summarise some of the key messages from the event in their intervention. I was proud to speak at that event, highlighting, among other things, our continued support to the Women in Cyber Fellowship. mentioned by many of our dear fellows already this week. We have heard already the record number of fellows, an incredible achievement, and truly showing the real and practical impact that cyber capacity building can have on our discussions here at the UN. However, we do see scope for improvement in our discussions here at the UN. Let me add Australia’s voice and strong support to your earlier remarks and description of the importance of capacity building as a cross-cutting issue, along with many other states. It is with this principle firmly in mind that Australia advocates for the prominence of capacity building across each of the dedicated thematic groups proposed for the program of action. A practical and action-oriented discussion within these groups will allow us to identify where we think further capacity or need of gaps may be. It will also allow us to share experiences on what capacity building programs have worked, or perhaps haven’t, on real practical issues, such as the protection of critical infrastructure. The greater involvement of capacity building implementers will also be critical to the success of the future mechanism. The funding, delivery, and implementation of capacity building is not the exclusive prerogative of states. This voice, and I stress voice and not vote, is missing from our discussions. Turning briefly to the questions on the portal, in the aid of time, I refer to Australia’s submission on this issue on the OEWG website for a more fulsome discussion of our views. Australia welcomes further consideration of a potential portal within the context of the proposed program of action. Australia provides in-principle support for a portal that is well-designed, non-duplicative, that provides linkage between existing mechanisms, and that is funded through existing resources or voluntary contributions. Such a portal could hold valuable information, including technical advisories, capacity building mapping, as well as practical or logistical information regarding the future mechanism. For any portal or mechanism to truly enhance these processes, it must take into account existing mechanisms already providing similar functions, and not inadvertently complicate or duplicate existing mechanisms. existing work. It is also essential for any portal to receive uptake and support of both member states and the multi-stakeholder community. Finally, Chair, we have heard already this week, every day, the importance of regional experiences and existing regional work. We encourage our consideration of the portal and broader on the topic of capacity building to keep this in mind. Thank you, Chair.

Chair: Thank you very much. Australia, Egypt, followed by Czechia.

Egypt: Thank you, Mr. Chair. On the issue of capacity building, we believe that the cross-border nature of cyber attacks and malicious ICT activity, the increased targeting of critical infrastructure and ransomware attacks through territories of third parties, and the involvement of non-state actors and criminal groups proves that preserving state sovereignty, national security, and ensuring a safe cyberspace will be only attained by ensuring that all states, regardless of their development level, have access to the necessary know-how and acquire the essential level of understanding and capacity building on a needs-based approach to ensure the attainment of a minimum level of collective security. That said, we wish to highlight the following three points. First, we express our support to the initiative proposed by Kuwait on the UN Norms platform, and we look forward to its official launching and operationalization, and for it to be hosted by one of the UN servers as the POC directory. Second, we see lots of merit in the proposal to establish a portal for capacity building and ICT, as well as the voluntary fund in this regard, and we look forward for the reports of the Secretariat ahead of our 10th OEWG session. Third, and as the AU was the first to establish a common African position on international law applicability in cyberspace, we wish to announce that Egypt in coordination with Nigeria, will be hosting a series of consultative meetings for African diplomats in New York over the course of the upcoming two months and on the way to the 10th OEWG, to brainstorm and develop common understandings on various aspects of the future permanent mechanism, with the aim of coming to the next OEWG with a strengthened African voice on such issues important to the African continent. I thank you Mr. Chair.

Chair: Thank you very much Egypt for your statement and I’m also very encouraged to hear that the African group is going to be working very hard to coordinate its positions on the key issues on our agenda. Thank you very much for that. Czechia to be followed by El Salvador.

Czechia: Thank you Mr. Chair for giving me the floor. Czechia aligns itself with the statement of the European Union and wishes to add following remarks in its national capacity. At the outset I would like to briefly reiterate that sharing cyber security expertise enhances our collective ability to defend against ICT threats. That is why Czechia is an active donor in the field of cyber capacity building. For example this fall we continue to organize workshops focusing on cyber security and cyber crime issues in countries such as Indonesia, Argentina or Bhutan. We also started working closely with the International Telecommunication Union on cyber capacity building. In the initial phase we intend to provide financial and export support for ITU cyber trainings in Rwanda, Mozambique and Zambia. We are also active in the Cyber Balkans project focusing on the countries of the Western Balkans. We would like to thank all the countries where our projects have taken place for the invaluable lessons we have learned from each other. As far as the guiding questions are concerned, and in order to save time also for our tomorrow’s discussion on the regular institutional dialogue, I will focus only on the questions related to the Global ICT Security Cooperation and Capacity Building Portal and its development. And to save time, I will simply refer to it as the UN portal. In this regard, I would first like to thank Kuwait for its proposal and possible funding for the development of a UN platform on norms of responsible state behavior in cyberspace, which if we can reach consensus on it, could complement the UN portal and probably became one of its modules. Czechia will examine this proposal in particular with regard to how it could enrich or complement the work of a future permanent mechanism. In general, we would like to see the UN portal as simple as possible, easy to maintain and update, and to focus the discussion rather on how to make the UN portal and its modules compatible with the program of action and its intended action-oriented approach. For example, if the program of action will have dedicated thematic groups on different topics, the portal should reflect this and also serve as a useful tool for these thematic groups. We therefore see the need to finalize the design of the portal once the future mechanism has been determined. Another important point for us is that the UN portal and its development should be align with existing initiative. It would be, for example, beneficial to draw an experience of UNIDIR and GFC, particularly regarding the linkage of the cyber policy portal and the civil portal. Frankly speaking, I can also imagine taking one of these already proven portals and literally turning it into the UN portal. This could save a good amount of financial expenses related to the development of the portal for the beginning. We have a number of additional comments on the development of the portal, including those related to the multi-stakeholder community engagement and the inclusion of the global POC directory. However, I will not discuss these in detail at this time, as they can be found in our national submission on the UN portal, which we sent to the Secretariat last month. We look forward to the Secretariat’s report on the UN portal and to further discussion based on the findings that will be presented in that report. I thank you for your kind attention.

Chair: Thank you, Czechia. El Salvador, to be followed by Italy.

El Salvador: Mr. Chairman, a summary version will be read and the final version will be published. El Salvador supports the statement by Argentina. For my country, capacity building is a cross-cutting element which covers all the areas included in the mandate of the working group. And like other speakers, we recognize excellent training programs which have been carried out by different actors, such as those by UNIDER, CISERT, OAS and Singapore United Nations Scholarships. El Salvador… has shared details about the broad spectrum of capacity development in terms of cyber information security, including cyber diplomacy and cyber security. Training in these areas is essential. With regard to the guiding questions proposed, El Salvador particularly welcomes the recommendations in paragraph 54 of the third APR, particularly that one about the studying the establishment of a United Nations voluntary fund to support capacity building. My country has been active in all sessions of this working group. However, the technical follow-up is often done from the capital through our delegate in New York or in hybrid and remote activities. We value the program of sponsorships supported by France and Ireland, which has made it possible for the first time for me to participate directly as a delegate, which follows these matters from San Salvador. This clearly shows what we understand by significant participation, offering opportunities so that national experts, especially from developing countries, including middle-income countries like mine, can contribute actively to our discussions. Therefore, El Salvador promotes continuing with similar funds within the framework of the future permanent mechanism and urges states which have the capacity to do so to continue offering resources for initiatives of this kind. Finally, we reiterate our appeal to adopting a multi-stakeholders approach whose contributions are essential to make significant progress in our discussions. Thank you.

Chair: Thank you very much, El Salvador. Italy, to be followed by Estonia.

Italy: Thank you, Mr. Chair, for giving me the floor. We fully align with the statement delivered by the European Union and wish to add the following elements in our national capacity. The growing prevalence of cyber threats underscores the urgent need for a robust and comprehensive cyber capacity-building initiatives. These efforts strengthen cyber resilience, secure critical infrastructures, and contribute to economic growth and social stability. Italy integrates cyber capacity-building into its national cyber security strategy through measures aimed at fostering cyber security resilience, developing a robust national ecosystem, and advancing partnerships with third countries through bilateral agreements. Such agreements emphasize knowledge sharing, training, and collaborative frameworks to address cyber threats, fostering mutual cooperation and capacity development. Beyond its national efforts, Italy actively contributes to global initiatives, among which the World Bank’s Cyber Security Multidonor Trust Fund, which assists countries in strengthening their cyber security capabilities. Italy highlights the critical role of public-private partnership and a robust multi-stakeholder approach in cyber security capacity-building, welcoming the reference to this approach in the annual progress report. Private sector entities, academia, and civil society bring diverse perspectives on cyber security issues and contribute to ensure sustainability, inclusivity, and impactful outcomes. We highly value international initiatives bringing together different stakeholders, such as the Global Forum on Cyber Expertise. To enhance global cooperation, we welcome the implementation of tools such as the Global Cyber Security Cooperation Portal, designed to provide a practical modular platform accessible to all member states. The needs-based ICT security capacity building catalogue also represents a useful tool for tailoring initiatives to state priorities. Italy supports valuable opportunities for exchanges, such as the high-level global roundtable on ICT security capacity building, held last May here in New York. Principles of sustainability, inclusivity, and alignment with sustainable development goals underpin Italy’s capacity building approach. Countries must respect human rights and fundamental freedoms, incorporating a gender perspective to ensure inclusivity. This goes hand-by-hand with the implementation of the Pact for the Future and the Global Digital Compact. Thank you, Mr. Chair.

Chair: Thank you, Italy. Estonia, to be followed by the Republic of Korea.

Estonia: Thank you, Mr. Chair, for giving me the floor. I keep my remarks limited, and you will find a longer version of the statement on the webpage. Estonia aligns itself with the statement of the European Union, and we would like to make the following remarks in our national capacity. Estonia underscores the fundamental value of capacity building as a necessary step for achieving the goals and agreements set in the open-ended working group discussions. The capacity building mapping exercise was extremely useful by providing an overview of regional, sub-regional, and cross-regional cyber capacity building initiatives, as well as highlighting the role of capacity building in advancing the framework of responsible state behavior in cyberspace. Unfortunately, we observed a significant amount of duplication of projects in several regions. In order to address this, states should make a continuous effort to cooperate and exchange information on ongoing and planned capacity building initiatives, particularly in a context where the current demand for additional projects and initiatives exceeds the supply. The proposed needs-based cyber capacity building catalogue can also help to avoid duplication. However, for this purpose the catalogue should be linked up with a global cyber ICT security cooperation portal, as well as integrated with a future permanent mechanism. The UN portal should also take into account already available valuable resources, such as the UNIDIR’s cyber policy portal, the CYBIL portal managed by the Global Forum of Cyber Expertise, as well as the EU Cybernet’s mapping of ongoing capacity building projects of the EU member states. One concrete example of how Estonia contributes to strengthening the international commitment to an open, free, stable and secure cyberspace alongside bilateral and regional capacity building initiatives is the Tallinn Cyber Diplomacy Summer School. It is organised by the European Commission’s Directorate General for International Partnerships, the Ministry of Foreign Affairs of Estonia in cooperation with e-Governance Academy, Estonian Centre for International Development and covers a wide area of topics from digitalisation, including emerging technologies such as AI to responsible state behaviour. From the 11th to the 15th of November, Cyber Diplomacy Summer School took place their fifth time. While selecting the participants for the summer school, our goal was to consider geographic as well as gender balance. There were 54 participants from 49 countries globally and we had 43% of women and 57% of men participating. It was not perfect and we will strive for a better solution next time. Mr Chair, we would like to thank you for your opening remarks. at the summer school. Your involvement greatly contributed to its success. As the next step, we intend to organize the next summer school session in June, and we will focus on developing a dedicated program for the summer school’s alumni. In conclusion, I would like to underscore that Estonia considers cyber capacity building a priority area, aimed at strengthening the overall resilience of countries against malicious cyber activities and supporting the implementation of agreements reached at the UN level. Capacity building is a cornerstone of our national cybersecurity policy, which is why we remain dedicated and willing to share our knowledge, experience, and expertise. Thank you, Mr. Chair.

Chair: Thank you very much, Estonia. Republic of Korea to be followed by Dominican Republic.

Republic of Korea: Thank you, Chair, for giving me the floor. At the outset, we look forward to the report of the Secretariat on the Global Cybersecurity Cooperation and Capacity Building Portal. We hope the report consolidates existing initiatives and proposals from member states, providing states with a clear understanding of the concept and structure of the portal. The increasing sophistication of malicious ICT activities poses a significant security challenge, as it highlights the need for robust defenses to prevent the exploitation of network vulnerabilities. To address this, comprehensive capacity building efforts are essential, encompassing not only technical solutions, but also enhancements to legal and institutional frameworks. This also underscores the importance of capacity building programs be threat-informed, ensuring they address the specific risks and vulnerabilities that could be exploited. The third annual progress report recognizes cryptocurrency theft as a significant cybersecurity threat. When combined with other illicit activities. such as financially-motivated cyberattacks, and the covert contracting of IT workforce under false national identities, the potential impact can become even more severe. With this in mind, since last year, our government has been organizing a capacity-building program which seeks to enhance the cyber-defense capabilities of ASEAN countries to prevent and mitigate the effect of cryptocurrency heists, as cryptocurrency markets are rapidly expanding in the region. The program focuses on proposing solutions to strengthen cybersecurity, sharing government-level recommendations for improving legal and institutional frameworks, and exploring strategies to build trust and raise awareness within the private sectors, all of which represents practical and action-oriented capacity-building measures. Just like the aforementioned program, initiatives that support capacity-building to address immediate and tangible threats can play a vital role in mitigating vulnerabilities. For example, since 2005, Korea has annually conducted the Asia-Pacific Information Security Center Security Training Course, a hands-on program designed for CERTs in the Asia-Pacific region. This initiative has delivered practical training on incident response and continues to enhance the region’s cybersecurity resilience. Thank you.

Chair: Thank you very much, Republic of Korea. Dominican Republic, to be followed by Latvia.

Dominican Republic: Thank you, Mr. Chairman. The Dominican Republic is grateful for the opportunity to participate in this important dialogue to reinforce capacity-building within the ICTs. We recognize the critical importance of capacity-building in this working group as a fundamental pillar to strengthen security in the use of ICTs. In this regard, we support and value the report prepared by the Secretariat, which identifies achievements as well as challenges. in this important field. To follow up the mapping exercise, we think it essential to establish a systematic process of review, including the active participation of member states, as well as all stakeholders. This process should incorporate regular reporting on workshops, and a framework to identify challenges depending on region and types of threat. We recognize the global regional initiatives that exist, such as cooperation among the various national bodies of member states and regional bodies, like the OAS through its CSIRT Americas program, and also the Global Forum on Cyber Expertise, and the International Forum on Responses to Cyber Incidents. These have facilitated an exchange of knowledge. However, we continue to have opportunities to improve things, including a more equitable distribution of initiatives, increasing the approach to less developed countries in these efforts. This mapping exercise should be used to firstly standardize supply, an example by devising a syllabus which defines the scope of programs, so that the various projects and knowledge sources in various regions can jointly provide homogeneous knowledge to countries and persons who benefit. Secondly, to help beneficiary countries in correctly identifying their needs. for training and capacity, and also to avoid overlapping efforts and make efficient use of the limited resources of donors. With regard to the catalogue of needs-based services, there should be the Global Security Agenda of the ILO, for example, and this catalogue should be developed with the participation of many stakeholders and should respond to emerging societies. Its integration into the global portal, which is proposed, would guarantee efficient access for all member states. With regard to the development and operationalization of the global portal on the security of ICTs, the Dominican Republic thinks that it should be modular, neutral and under United Nations auspices. It should guarantee the interoperability with existing platforms to avoid duplication, incorporate robust security measures and prioritize equitable access, especially for those states which have fewer resources. Its design should be based on the user facilitating access to all available resources. With regard to the establishment of the Voluntary Fund for Capacity Building, it should have transparent rules for the distribution of resources and an approach to the more needy regions. We also consider it essential to have monitoring and assessment mechanisms to guarantee that the funds are used effectively and that the objectives are achieved. Thus maximizing impact. To support the integration of capacity building… principles globally. We propose that these principles be incorporated. Each state should incorporate these principles in a framework on ICT policies. There should be standardized metrics and promote public-private partnerships. There are lessons learned in other areas of the UN system which could serve as a reference. Initiatives like UNDP, ILO, WHO have shown that multi-sectoral approaches can be used to address these ICT challenges. These experiences offer valuable models to design and implement initiatives which are action-oriented. Lastly, we support the proposal to convene the next high-level global roundtable on capacity building to reflect on the progress made through the mapping exercise and the global portal, ensuring the continuity of a strategic approach to international cooperation. Our delegation reaffirms its commitment to actively cooperate toward capacity building under the principles of equity, inclusion, and effectiveness. We are prepared to work hand-in-hand with member states and other interested parties to strengthen a more safer and resilient cyberspace. Thank you.

Chair: Thank you very much, Dominican Republic. Latvia to be followed by Paraguay.

Latvia: Thank you, Chair. Good afternoon, colleagues. The Latvian delegation aligns itself with the statement of the European Union and would like to make a few observations on national capacity. As highlighted in the latest APR and demonstrated by the debate in this chamber so far, Capacity building is crucial to enhance security and build resilience in cyberspace. To achieve consistent results, we should promote cyber capacity building through a comprehensive approach. Many of the ingredients for effective capacity building are already available, including capacity building programs and platforms for information exchange, like already existing collaboration between UNIDIR and GFC. The goal of the future permanent mechanism would be to better integrate these elements, including by streamlining the matchmaking between those who need assistance and those who can provide it, thus ensuring coordination and non-duplication of efforts. It would be also important to have feedback mechanism to ensure that there are no gaps left in capacity building efforts. Thinking about these elements of prospective capacity building efforts, it is clear that some kind of facilitation will be needed. For instance, proposed global cybersecurity cooperation portal will not sustain unless updated and moderated by somebody on a regular basis. Also, matching needs of recipients and resources of donors will not happen by itself. Somebody will need to facilitate this process. UNIDIR has been mentioned as a possible candidate in the UN Secretariat for that purpose. In the view of my delegation, it is a very solid candidate. We also need to think about outcome or legacy, if I may say, of this process that would be associated with it. In this respect, we wonder whether establishment of facilitating framework in form of UN Cyber Resilience Academy within UNIDIR could not be considered. Cyber Resilience Academy task would be facilitate capacity building effort. within the future mechanism. Academy must not be a bureaucratic institution with building or an administration. Rather, it should be a slim and efficient framework funded by voluntary contributions that everyone would associate with the outcome of the open-ended working group work and would be seen as a reference point within the UN system on the issues related to capacity building for development of cyber resilience of member states. We would be glad to discuss further this idea of a setting up of a UN Cyber Resilience Academy within UNIDIR with interested delegations. Strengthening the national and regional cyber resilience capacity is still one of the most urgent tasks at our hand. Latvia is prepared to share its national experience in operating national CERT. In addition to bilateral assistance projects, Latvia’s CERT, Latvia together with the partners Bahrain and Colombia and industry shareholders organized a side event during the previous open-ended working group meeting on advantages of multi-stakeholder collaboration in building a cyber resilient country. To continue this practice and further exchange the best practice in matters relevant to cyber resilience building, during the next OEWG session in February, Latvia intends to organize a side event on developing nationwide incident response capabilities. Latvia also participated in the first high-level global roundtable on ICT security capacity building this May and would be supportive if these roundtables would be organized with a regular periodicity. Therefore the topic deserves a dedicated platform where to discuss the needs of state, challenges to build their cyber resilience capacity. lessons learned, best examples among others. Latvia believes that the High-Level Global Roundtable could be integrated in the new permanent mechanism, the proposed program of action. Thank you, Mr. Chair.

Chair: Thank you very much, Latvia. Paraguay, to be followed by Germany.

Paraguay: Thank you, Mr. Chairman. Paraguay supports the joint statement made by Argentina on behalf of a group of countries on capacity building. We also want to mention a few additional aspects in our national capacity reaffirming the recommendations of the APR. We consider it important to reduce the gender gap by promoting the participation and leadership of women in decision-making processes with regard to the use of ICTs in the context of international security. We also should take into account the needs of every state in capacity development, identifying deficiencies and specific technological levels, including transfers of technology, and emphasizing those which protect critical infrastructure, incident management and risks, as well as norms of responsible use. In cooperation with the OAS and the Inter-American Committee Against Terrorism, the Ministry of Information Technology and Communication in Paraguay is working on the new national strategy on cyber security. We wish to thank the organizations and countries that contribute through national efforts to strengthen the capacities of technical specialists and diplomats from my country. Examples are programs of the Women in Cyber, supported by the OAS, the Government of Canada, the Global Forum on Cyber Expertise, the training course of UNIDIR on norms, international law and cyberspace, with the support of Czechia, France, Germany, Italy, Netherlands, Norway, Switzerland. the United Kingdom and Microsoft in the framework of programs of security and technology of UNIDIR supported by the United States. And finally, the United Nations Singapore Scholarship Program with the support of the National University of Singapore and the Singapore Agency of Cyber Security. We wish to thank all those who cooperate because this has a multidirectional and multiplier benefit. This is a way of benefiting all. Our collective efforts and coordinated efforts to create capacities in the security of ICTs will not only strengthen our digital defenses but will also promote a global environment which is more secure and stable. Thank you.

Chair: Thank you, Paraguay. Germany to be followed by United States.

Germany: Thank you, Mr. Chair, for giving me the floor. Germany aligns itself with the statement of the European Union and wishes to add the following remarks in its national capacity. Chairperson, you were right at the beginning of this week when stating that we are entering the final stage of a collective marathon. The temptation of letting muscle cramps or exhaustion prevent us from giving up shortly before the finish line is indeed very high. However, we should not let these side effects get to us but instead push on through despite the challenges with dedication to make it to the other side and achieve our common long-term vision, an action-oriented future permanent mechanism. The same rationale effectively applies to capacity building. A once-off training may be nice, but it requires long-term and a sustainable engagement to really acquire the desired result of building capability among actors operating within the digital environment. In line with your inquiry about a possible follow-up to UNODA’s capacity building mapping exercise, Germany, thus, strongly believes that it takes a consistent and continuous effort to further update the initial mapping to get a better sense of any remaining gaps that need to be addressed. As the capacity building landscape continuously evolves, so must we and any form of mapping to stay on top of things happening on the ground. Like for most delegations in the room, capacity building has become the top priority for Germany to promote a peaceful, open, stable, accessible and secure cyberspace while fostering the implementation of the UN Framework of Responsible State Behaviour. Our cyber capacity programming, consequently, is based on a demand-driven, targeted and principled partnership approach that strives for holistic community building between states, stakeholders and across sectors alike due to borderless nature of cyber threats. Ever since our last deliberations here in July, some milestones of Germany’s capacity building efforts have included the following highlights. Bringing together our Western Balkan partners in Skopje, North Macedonia, for a regional workshop to establish a collective cyber diplomacy network. Facilitating the first establishment meeting for ECOWAS member states to set up a regional West African ISAC in Praia Cabo Verde, as well as a study visit of our Ukrainian counterparts to Germany, among others. Coming back to your guiding questions now, Germany welcomes the opportunity to further comment on the highly interesting proposal of the Global ICT Security Cooperation and Capacity Building Portal, as well as the needs-based catalogue. Within this regard, Germany would like to underline the importance of supporting states in eloquently prioritizing their needs for effective capacity building. Combining both elements as part of the portal would certainly be useful to avoid duplication of efforts and work in a coordinated manner. Moreover, it should be a top priority to advance the concept of the catalogue and portal in cohesion with existing initiatives like Sibyl by the GFCE, the UNIDO Cyber Policy Portal and the EU Cybernet Database. Within this regard, we would also like to thank the delegation of Kuwait for its proposal on a norms of responsible state behaviour in cyberspace platform that we look forward to studying further. Secondly, Germany also welcomes the recommendation of PARA54 and a third APR for states to further study the establishment of a United Nations Voluntary Fund. Once more, it is imperative for my delegation to put in place a clear link to the multi-donor trust fund of the World Bank, which Germany contributes to in order to maximally leverage on this existing initiative with regards to possible synergies. Accordingly, we see merit in further studying what elements are precisely needed for the implementation of this fund to make it practical and effective. Thirdly, regarding facilitating the mainstreaming of the agreed capacity building principles across the ICT security capacity building landscape, like the Netherlands before, Germany would like to draw your attention to the invaluable work from Chatham House, among other stakeholders. Moreover, it serves as an important reminder of the essential role that stakeholders play in capacity building, being the one transversal issue that links all other pillars in forming our work at the OEWG. Fourthly, looking at concrete action-oriented capacity building initiatives that have been established within the UN system, Germany believes that the work of UNITY is particularly useful for the advancement of our collective aspirations as part of the OEWG. Moreover, our very own flagship initiative, HerCyberTracks, implemented by GIZ jointly with the ITU, promoting the role of women in cybersecurity might offer useful lessons for efforts to advance international cooperation in the realm of ICT security capacity-building. Its aim is to provide a comprehensive curriculum of capacity-building offers from a wider array of stakeholders in one place and as part of three tracks, diplomacy, incident response, and cybercrime. I am proud to say that this year’s second iteration of the program has taken on over 140 eligible candidates from 45 countries that are being trained and mentored. As mentioned by Australia earlier and in celebration of 47 women in cyberfellows, we also jointly hosted a side event on gender perspectives in capacity-building as part of the OEWG but also beyond within the action-oriented Future Permanent Mechanism and I’m pleased to briefly share some of its key findings with you all before closing. Gender inclusivity as part of capacity-building engagement requires a holistic, whole-of-society approach that still needs to be context-specific while acknowledging the value of regional perspectives. Moreover, the importance of sharing best practices and lessons learned cannot be understated as it is not an issue that states can solve alone. Additionally, the question of how we translate these findings into our work here at the OEWG and beyond is one that requires long-term focus and sustainability. Like Nigeria has stated so eloquently before, gender mainstreaming therefore cannot be an afterthought but should be a given as part of the establishment of the action-oriented Future Permanent Mechanism. Finally, let me conclude with an outlook on the upcoming second high-level global roundtable on ICT security capacity-building which, according to its natural cycle, would have to take place once more in May 2025. This is not impossible, but with the GC3B in Geneva taking place around the same time and our very busy schedule until July, we would advocate for postponing the next edition of the roundtable until the action-oriented Permanent Mechanism is established. Let us not forget its added value of the OEWG discussions by raising the level of awareness of the urgency of capacity building among high-level government officials, which is certainly immense and effectively contributes to a continuous gap in international cyber policy. Therefore, it could possibly only come to real fruition by being linked to the vision of the Future Permanent Mechanism after 2025 and, as suggested by the United Kingdom today, effectively thereby creating its own dedicated space for further discussions on capacity building without leaving anyone behind. Last but not least, Germany would like to reiterate its commitment to you, Mr. Chair. My delegation stands ready to support you and your team in finding ways of integrating capacity building as the cross-cutting, foundational and transversal issue it is within the working groups of the Future Permanent Mechanism. Thank you, Mr. Chair.

Chair: Thank you very much. Germany, United States, please.

United States: Thank you, Chair. We applaud the significant ongoing activity on capacity building at the OEWG. As we have heard repeatedly, many governments, regional bodies, civil society organizations, and other institutions are engaged in providing a wide range of assistance. The U.S. views all this as a source of optimism. As has been discussed over the last several years, the OEWG’s unique role in cyber capacity building is to consider the framework’s recommendations for state behavior in cyberspace, assess the needs of states to enable their adherence to that framework, raise awareness of existing capacity building programs, both technical and policy-focused, that could help in this regard, and, if additional programming is needed, consider ways to accomplish that task in collaboration with implementers. Chair, your guiding questions ask for states’ views on some capacity building proposals and initiatives. including India’s portal proposal and the mapping exercise. And we also thank Kuwait for its thoughtful proposal today on a portal for norms implementation. In our view, these ideas all merit further discussion within the context of planning for future RID. More generally, we see the POA as the ideal platform to carry forward and institutionalize many of the capacity building initiatives raised here. In particular, we see the proposed cross-cutting working groups as ideal forums for engaging in more specific and detailed discussion on capacity building. For example, we have continuously advocated for a working group focused on critical infrastructure protection. Our expectation is that this group would assess the cyber threats to critical infrastructure, the framework’s expectations of states to protect and defend CI, CBMs and other available resources to facilitate cooperation and help states whose CI has been targeted, and other aspects of the framework. Throughout these discussions, the identification of needs-driven capacity building to protect critical infrastructure would be front and center. The advancement of cyber capacity building within the future mechanism should take advantage of and elevate the work of other existing fora engaged in cyber capacity building inside and outside the UN, including the World Bank, the ITU, and regional organizations. Modalities for regular information exchanges and routine connectivity with these organizations should be developed. Given the role it plays in improving global cyber resilience, we welcome more discussions on how to ensure that needs-based capacity building is a central ingredient in all aspects of the future permanent mechanism. And we look forward to engaging with all states on this topic with a view to creating that strong foundation for the POA. Thank you, Chair.

Chair: Thank you very much, United States. Maybe we can take one or two more speakers. Colombia, please.

Colombia: Thank you, Mr. Chairman. Colombia joins in the statement made by the delegation of Argentina on behalf of a group of countries, and we reiterate the importance that capacity building, in addition to being sustainable, should be a central component of the future permanent mechanism. We are also grateful for UNIDIR and the delegation of Kuwait for their statements. In our national capacity, we would like to make the following comments. Given the aspects of capacity building which are working well, in the case of Colombia, pending initiatives to support knowledge in terms of applying international law have had important national results which have been reflected in greater interest, awareness, understanding and institutional commitment to this matter. We have seen results and the support received to make progress in defining a comprehensive digital strategy. The contributions and knowledge of the CERTE program and others have been fundamental. Given the challenges for the creation of cyber capacity, Colombia has identified the rapid evolution of the digital cybersecurity system and existing and potential threats in the use and security of ICTs, as well as the high costs derived from the limited resources available to meet them. On this last matter, we join the delegations of Uruguay and South Africa on the importance of creating a voluntary tool with sustainable nature for capacity building. For Colombia, it is essential to have universal access without discrimination in the digital domain, especially for those in situations of vulnerability, ensuring the necessary investments in infrastructure and promoting digital skills to reduce digital divides, including the gender divide. as well as to promote sustainable development goals. We reiterate the need to mainstream gender component in addressing the threats relating to ICTs and the specific challenges faced by persons in situations of vulnerability. As everyone here knows, cyberspace is not felt the same by everyone. So the policies we developed should not only focus on cybersecurity in terms of infrastructure and data, but also should guarantee secure use of ICTs for all individuals irrespective of gender. For this reason, we welcome the efforts made by states in the women and cyberspace, especially the government of Canada, which has promoted the equitable participation in global spaces on security and the use of ICTs as reflected in the important number of delegations led by women. Chair, with regard to the global portal on cooperation in cyber security and criteria for its development, we would like to say the following. We underscore the importance that the portal should have factual and descriptive information so that the purposes to exchange information mainly. We believe that the contributions of civil society, academia and the private sector are key and we could consider having a section of the portal to documents prepared by many stakeholders on matters relating to security and ICTs. For the purpose of guaranteeing synergies and avoiding overlapping efforts, the portal should take into account existing initiatives such as efforts by DSD and the cyber policy portal of UNIDIR. The portal could also include the voluntary list for the implementation of… norms of responsible behavior, which also identify implementation. States could then review the areas which would require support for capacity building and solicit those where it could offer cooperation. In conclusion, we believe that the portal could have as the basis the results of the mapping exercise in the OEWG to see what the demand and supply are to avoid duplication of efforts and to promote further efforts. Thank you.

Chair: Thank you very much, Columbia, for your contribution. I think we have about 20 speakers left. We’ve been able to give everyone an opportunity with some very brief or briefer remarks and statements from delegations. So tomorrow we will have to take up the rest of the speakers. And again, I would urge delegations to come prepared by focusing on the key priority points with regard to capacity building, because we need to complete the discussion on capacity building to go into the discussion on regular institutional dialogue. That’s the first thing I want to say. Second, on capacity building, you know, I’m not going to summarize anything at this point because we are midway in our debate. It is clear that a lot is already happening in terms of capacity building. A lot more has been done bilaterally, regionally, by different actors, international organizations, institutions, international financial institutions, bilateral partners. All that is very good. So I think we are in a good place at this point to look at the range of activities that are already being done. And, of course, the mapping exercise that was done and the report prepared by the Secretariat gave a good indication of the landscape or the state of affairs, so to speak, on capacity building. Now, the question is, do we need to do a mapping exercise every year? I think there is always something new happening, changes are happening. The landscape is evolving, so this is a continuing exercise, this is a long-term exercise, and this needs to be sustainable. But the key point that I want all of you to reflect is that we need to take a step-by-step approach, and the same applies also to capacity building. We will never be able to have a perfect mapping exercise or a report that says these are the precise gaps and these need to be filled, because by the time we get to such a report, the landscape might already have changed and either more gaps might have emerged or the gaps might have been filled. But the idea of the UN playing some kind of role, there is very broad convergence around the idea. There is also very broad convergence around the idea that we should avoid duplication, we should leverage on existing initiatives, programs, and different activities that are taking place. So I think the idea of avoiding duplication, there is also very broad convergence. There is also a very clear agreement on the capacity building principles, which was something that previous open-ended working groups had adopted. We have put it as part of our annual progress report and the need to be guided by these principles. And then with regard to the specific questions on the portal, on the Global Roundtable and the Voluntary Fund. We need to take a step forward in July. We cannot kick the can down the road. One option is to say we need more details, we’ll need to study how to avoid clashing with existing initiatives, how to avoid duplication. Those are very important questions, but at the same time that should not prevent us from taking a step forward on the understanding that this is a continuing exercise. So we will need some decisions on capacity building in July. That is very clear and we need to take a step forward, that is very clear. The portal proposal is on the table, we’ve had additional ideas today, the proposal from Kuwait, the proposal from the Philippines which came up earlier in the year, needs-based catalogue, and so the question is how do we put all of that together and define some parameters for the portal that we can all agree and adopt in July. That’s one. Second, the voluntary fund, in accordance with paragraph 54 of the annual progress report, we need to provide a consensus recommendation in July. So we need to work on those details. And the roundtable as well, I think there’s broad convergence that it was useful, we need to have another one, it’s a question of timing, we need to avoid clashing with existing initiatives. I think our attention was drawn to the other exercise, a roundtable organized by the GFCE which is going to be held in May, so we need to reach some agreement on a timeframe that leverages and doesn’t duplicate or clash, certainly, I think that’s not the intention. But we need a recommendation on that too. in July. That would be a step forward. In that context, I wanted to say to you that when we meet for the 10th Substantive Session, the Secretariat report and advance copy will be made available on the portal and the voluntary fund. And so in February, we must get into the details and converge on a recommendation to be adopted by consensus in July. That must be our goal. We can’t say that everything will be decided by the future mechanism. As I have been saying, we cannot kick the can down the road. We have to do what is essential by July. We need to take a step forward. And so the report to be made available by the Secretariat will be important and that will prepare us for the February session. Of course, a report will never be able to answer every question, but we will never have perfect knowledge or perfect answers for every question. But that should not paralyse us or prevent us from taking a step forward, because if we waited for a perfect analysis of the state of the world before we take a step forward, we will never take a step forward. But at the same time, we are not going to be rushing forward by doing things in a way that could lead to duplication or a wasteful expenditure of time and resources. But what is very clear in my mind is that we need to take a step forward in a very concrete way in July on capacity building, because we cannot start the future permanent mechanism by saying, let’s continue to talk about capacity building. I’m not saying we are not doing anything on capacity building, because all of you are already doing a lot on capacity building, but the future permanent mechanism must go deeper into capacity building. capacity building, because the expectations are high, and taking a step forward on capacity building is also essential for the credibility of a future permanent mechanism. And so I think it’s important that we treat this issue with the greatest importance, and I think you have been treating it with the greatest importance, because we can tell that by the number of speakers. So all of you attach the greatest importance. I’m really encouraged by this discussion. I want to thank all of you for your positive and very constructive comments. We are off to a good start on capacity building. We have 20 more speakers. We’ll pick them up, and then we dive deep into regular institutional dialogue. So please cancel your Broadway tickets for tomorrow evening. We’ll have to stay here until very late in the evening until we finish the discussions on regular institutional dialogue. The meeting is adjourned. See you tomorrow, and my gratitude to the interpreters for giving us some extra time.

Agreement Points

Importance of capacity building for ICT security

European Union

Thailand

Bangladesh

Australia

Italy

Republic of Korea

Cross-cutting nature of capacity building across all areas of ICT security

Capacity building as essential for implementing UN Framework for Responsible State Behavior

Importance of capacity building for developing countries to detect and respond to ICT threats

Capacity building as crucial for strengthening cyber resilience globally

Capacity building as cornerstone for promoting peaceful and stable online environment

Importance of threat-informed capacity building programs

Multiple speakers emphasized the critical importance of capacity building in enhancing ICT security, implementing international frameworks, and addressing cyber threats.

Need for a global portal on ICT security cooperation

Thailand

Sri Lanka

Russian Federation

South Africa

Dominican Republic

Colombia

Support for development of neutral, modular one-stop shop portal

Need for portal to be accessible to all member states

Portal should contain agreed ICT terminology and not duplicate existing directories

Support for integrating needs-based capacity building catalog into portal

Portal should be designed with user-friendly access in mind

Portal could include voluntary list for implementation of norms

Several speakers supported the development of a global portal for ICT security cooperation, emphasizing the need for accessibility, user-friendliness, and non-duplication of existing efforts.

Establishment of a UN Voluntary Fund for Capacity Building

South Africa

Dominican Republic

El Salvador

Albania

Germany

Support for fund to assist developing countries

Need for transparent rules on distribution of resources from fund

Support for studying establishment of voluntary fund

Fund should prioritize investments in advanced tools and training

Fund should be designed to avoid duplicating existing initiatives

Multiple speakers supported the establishment of a UN Voluntary Fund for Capacity Building, emphasizing the need for transparency, prioritization of investments, and avoiding duplication of existing initiatives.

Similar Viewpoints

These speakers emphasized the specific needs of developing countries in capacity building efforts, highlighting the importance of addressing the digital divide and accommodating varying levels of technological development.

Cuba

Bangladesh

South Africa

Need for capacity building to address digital divide and technological inequalities

Importance of capacity building for developing countries to detect and respond to ICT threats

Fund should accommodate reality that developing countries are still building core capabilities

These speakers shared a strong emphasis on the importance of gender inclusivity in capacity building efforts, advocating for increased participation and leadership of women in cybersecurity and ICT decision-making.

Albania

Sri Lanka

Paraguay

Kingdom of the Netherlands

Germany

Support for initiatives to empower women in cybersecurity

Importance of gender-responsive capacity building efforts

Need to promote participation and leadership of women in ICT decision-making

Support for programs promoting women in cyber roles

Gender mainstreaming should be integrated into future permanent mechanism

Unexpected Consensus

Multi-stakeholder engagement in capacity building

Italy

Colombia

Nigeria

United Kingdom

Paraguay

Need for multi-stakeholder approach in capacity building

Need to leverage expertise of private sector, academia and civil society

Importance of public-private partnerships for funding capacity building

Call for greater involvement of non-governmental stakeholders

Importance of multi-stakeholder platforms for knowledge sharing

There was an unexpected level of consensus on the importance of multi-stakeholder engagement in capacity building efforts, with speakers from diverse regions and perspectives emphasizing the need to involve non-governmental actors, including the private sector, academia, and civil society.

Overall Assessment

Summary

The main areas of agreement included the importance of capacity building for ICT security, the need for a global portal on ICT security cooperation, the establishment of a UN Voluntary Fund for Capacity Building, addressing the specific needs of developing countries, and promoting gender inclusivity in capacity building efforts.

Consensus level

There was a moderate to high level of consensus on these key issues, with speakers from diverse regions and perspectives expressing similar viewpoints. This level of agreement suggests a strong foundation for future cooperation on capacity building initiatives in ICT security. However, there were some differences in emphasis and approach, particularly regarding the specific implementation of these initiatives and the role of various stakeholders.

Disagreement Points

Scope and focus of capacity building efforts

European Union

Cuba

Cross-cutting nature of capacity building across all areas of ICT security

Need for capacity building to address digital divide and technological inequalities

The EU emphasizes capacity building as essential for all aspects of ICT security, while Cuba argues that efforts should go beyond implementing norms to address the digital divide and economic difficulties faced by developing countries.

Access to the Global ICT Security Cooperation Portal

United Kingdom

Russian Federation

Call for greater involvement of non-governmental stakeholders

Portal should contain agreed ICT terminology and not duplicate existing directories

The UK advocates for open access to the portal for non-governmental stakeholders, while Russia emphasizes the need for agreed terminology and avoiding duplication with existing directories.

Overall Assessment

Summary

The main areas of disagreement revolve around the scope and focus of capacity building efforts, the design and access to the proposed global portal, and the implementation of the voluntary fund for capacity building.

Disagreement level

The level of disagreement is moderate. While there is broad consensus on the importance of capacity building and the need for global initiatives, there are differing views on implementation details and priorities. These disagreements reflect the diverse needs and perspectives of different countries, particularly between developed and developing nations. However, these differences do not appear to be irreconcilable and could potentially be resolved through further discussion and compromise in the development of the future permanent mechanism.

Partial Agreements

These speakers agree on the need for a voluntary fund for capacity building, but have different emphases on how it should be implemented. South Africa focuses on accommodating developing countries’ needs, the Dominican Republic emphasizes transparency in resource distribution, and Germany stresses avoiding duplication with existing initiatives.

South Africa

Dominican Republic

Germany

Support for fund to assist developing countries

Need for transparent rules on distribution of resources from fund

Fund should be designed to avoid duplicating existing initiatives

These speakers agree on the need for a global portal, but have different ideas about its specific features and content. They all emphasize accessibility and usefulness for member states, but propose different specific functionalities.

Thailand

Sri Lanka

Colombia

Support for development of neutral, modular one-stop shop portal

Need for portal to be accessible to all member states

Portal could include voluntary list for implementation of norms

Similar Viewpoints

These speakers emphasized the specific needs of developing countries in capacity building efforts, highlighting the importance of addressing the digital divide and accommodating varying levels of technological development.

Cuba

Bangladesh

South Africa

Need for capacity building to address digital divide and technological inequalities

Importance of capacity building for developing countries to detect and respond to ICT threats

Fund should accommodate reality that developing countries are still building core capabilities

These speakers shared a strong emphasis on the importance of gender inclusivity in capacity building efforts, advocating for increased participation and leadership of women in cybersecurity and ICT decision-making.

Albania

Sri Lanka

Paraguay

Kingdom of the Netherlands

Germany

Support for initiatives to empower women in cybersecurity

Importance of gender-responsive capacity building efforts

Need to promote participation and leadership of women in ICT decision-making

Support for programs promoting women in cyber roles

Gender mainstreaming should be integrated into future permanent mechanism

Key Takeaways

Capacity building is seen as a critical, cross-cutting issue for ICT security and implementing the UN Framework for Responsible State Behavior

There is broad support for developing a Global ICT Security Cooperation Portal, but with caution to avoid duplication of existing initiatives

Establishing a UN Voluntary Fund for capacity building received support from many delegations

Gender inclusivity and regional cooperation were highlighted as important aspects of capacity building efforts

Multi-stakeholder engagement was emphasized as crucial for effective capacity building

Integrating capacity building as a core function of the future permanent mechanism was widely supported

Resolutions and Action Items

The Secretariat will provide an advance copy of a report on the Global ICT Security Cooperation Portal and voluntary fund proposals before the 10th Substantive Session in February

Delegations need to work towards reaching consensus recommendations on the portal, voluntary fund, and future roundtables by July

The chair urged delegations to be prepared to make concrete decisions on capacity building initiatives in July, rather than deferring all decisions to the future permanent mechanism

Unresolved Issues

Specific details on the structure, governance, and operational modalities of the proposed Global ICT Security Cooperation Portal

Exact parameters and scope of the proposed UN Voluntary Fund for capacity building

Timing and format of future high-level global roundtables on ICT security capacity building

How to effectively integrate existing capacity building initiatives and avoid duplication in future UN-led efforts

Suggested Compromises

Developing the Global ICT Security Cooperation Portal in a modular fashion, allowing for integration of existing initiatives like the UNIDIR Cyber Policy Portal and GFCE CYBIL Portal

Considering postponing the next high-level global roundtable until after the establishment of the future permanent mechanism to avoid conflicts with other scheduled events

Taking a step-by-step approach to developing new capacity building initiatives, acknowledging that perfect solutions may not be immediately achievable

We need to take a step forward in July. We cannot kick the can down the road. One option is to say we need more details, we’ll need to study how to avoid clashing with existing initiatives, how to avoid duplication. Those are very important questions, but at the same time that should not prevent us from taking a step forward on the understanding that this is a continuing exercise.

Speaker

Chair

Reason

This comment challenges the group to make concrete progress rather than continuing to delay decisions. It acknowledges valid concerns about duplication but argues for moving forward despite imperfect information.

Impact

This shifted the tone from theoretical discussion to a more action-oriented focus on what can be accomplished by the July deadline. It likely prompted delegations to consider what specific proposals they could support.

The persistence of the digital divide underscores the responsibility of the more developed nations to support developing countries through transfer of technology, the exchange of best practices, and cooperation.

Speaker

Egypt

Reason

This comment highlights the ethical dimension of capacity building and frames it as a responsibility of developed nations, not just optional assistance.

Impact

It deepened the conversation by introducing the moral imperative for capacity building. This likely resonated with developing nations and put some pressure on developed nations to commit to concrete support.

Copying the existing stakeholder modalities of the OEWG into the Future Mechanism runs the risk that the non-governmental and private sector organizations on which we rely for our cybersecurity are permanently shut out from giving their views here.

Speaker

United Kingdom

Reason

This comment challenges the existing structure and advocates for broader inclusion of non-state actors. It highlights a potential blind spot in the current approach.

Impact

This introduced tension between state-centric and multi-stakeholder approaches. It likely prompted other delegations to consider the role of non-state actors more carefully in their proposals.

We see merit in further studying what elements are precisely needed for the implementation of this fund to make it practical and effective.

Speaker

Germany

Reason

This comment moves beyond general support for a fund to focus on practical implementation details. It demonstrates a more nuanced approach to capacity building initiatives.

Impact

This shifted the discussion towards more concrete considerations of how a fund would actually work. It likely prompted other delegations to think more critically about implementation challenges.

Overall Assessment

These key comments shaped the discussion by moving it from general expressions of support for capacity building to more nuanced considerations of implementation challenges, ethical responsibilities, and stakeholder inclusion. They injected a sense of urgency while also highlighting the complexity of the issues involved. The Chair’s comments were particularly impactful in focusing the group on the need for concrete progress by July.

How can the Global ICT Security Cooperation and Capacity Building Portal be developed to avoid duplication with existing initiatives?

Speaker

Multiple speakers including European Union, United Kingdom, Czechia

Explanation

Ensuring the portal complements rather than duplicates existing resources is crucial for its effectiveness and efficiency.

What are the specific functionalities and operational details of the proposed UN Voluntary Fund for capacity building?

Speaker

Multiple speakers including South Africa, El Salvador

Explanation

Understanding the fund’s structure and operation is essential for its successful implementation and utilization.

How can gender-responsive capacity building efforts be further integrated into national ICT and capacity building policies?

Speaker

Multiple speakers including Sri Lanka, Germany, Colombia

Explanation

Addressing gender disparities in cybersecurity is crucial for inclusive and comprehensive capacity building.

What are the best practices for implementing the agreed capacity building principles across the ICT security capacity building landscape?

Speaker

Netherlands, Germany

Explanation

Effective implementation of these principles is key to ensuring consistent and impactful capacity building efforts.

How can the needs-based ICT security capacity building catalog be developed and integrated with the Global ICT Security Cooperation Portal?

Speaker

Multiple speakers including Thailand, South Africa

Explanation

A well-designed catalog integrated with the portal could significantly enhance the matching of capacity building needs and resources.

What is the optimal timing and structure for future High-Level Global Roundtables on ICT security capacity building?

Speaker

Multiple speakers including Germany, United States

Explanation

Determining the best approach for these roundtables is important for maximizing their impact and avoiding conflicts with other initiatives.

How can the multi-stakeholder approach be effectively incorporated into capacity building initiatives and the future permanent mechanism?

Speaker

Multiple speakers including United Kingdom, Italy, Colombia

Explanation

Engaging diverse stakeholders is crucial for comprehensive and effective capacity building efforts.

What specific steps can be taken to address the digital divide and ensure equitable access to capacity building resources for developing countries?

Speaker

Multiple speakers including Cuba, Dominican Republic

Explanation

Addressing disparities in access to resources and technology is essential for global cybersecurity.

How can the mapping exercise of capacity building initiatives be updated and maintained on an ongoing basis?

Speaker

Germany, Dominican Republic

Explanation

Regular updates to the mapping are necessary to keep pace with the evolving cybersecurity landscape and capacity building efforts.

What role should regional organizations play in capacity building efforts within the context of the UN framework?

Speaker

Multiple speakers including Tonga (on behalf of Pacific Islands Forum), European Union

Explanation

Leveraging regional expertise and initiatives can enhance the effectiveness of global capacity building efforts.