IGF 2021 – Day 2 – OF #28 Online knowledge portals for national cyber capacity

The following are the outputs of the captioning taken during an IGF virtual intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.



>> CHRISTOPHER PAINTER: Okay.  Well, let me begin.  I am the President of the Global Forum on Cyber Expertise Foundation, which is the only multi‑stakeholder international forum for helping to coordinate and share knowledge within the community of international cyber capacity builders.  I should also say my name.  My name is Chris Painter.  Sorry about that.  It's a little early in the morning for me here in Washington, DC, and I am sorry I couldn't be with you all today in Poland. 

For those not familiar with international cyber capacity building, it's about projects where knowledge and skills are shared across borders to strengthen national cyber security or cyber crime fighting, combating capacities.  This work is very attuned to the importance of online freedoms, human rights, and Internet Governance.  So it's not just about security.  It crosses over to those other pillars as well. 

There are at least a dozen specialist websites the cyber capacity community use that act as libraries for useful information.  Several of the people who run those sites are here today, very happy to have them, both on the panel and dialing in. 

We have two aims for our session here today.  The first is to facilitate the sharing of ideas and good discussion between the people behind these websites, but also with the people who use them now or could be using them in the future.  The second of our goals is that it would be good if some concrete suggestions came from this session on how these websites could work together to improve the experience for their users and let more people know what's available for them and how they can use these powerful resources. 

This session builds on the IGF session back in 2016 on fostering dialogue between internet observatories and maps.  First we will have presentations, then I will open the floor for people to ask questions.  We want to make this as interactive as possible.  I hope we can find topics where there is a free flow of discussion between everyone on the call. 

So let me first introduce our panelist.  We have a distinguished and great set of panelists.  I apologize to people if I mispronounce your names.  I often mispronounce my own, so sorry about that.  Louise Marie Hurel, a special digital security advisor at Igarape Institute.  Igarape Institute created a Brazilian cyber security portal in 2020, so recently. 

Stephanie Borg Psaila, editor of the GIP Digital Watch Observatory and Chair of the Cybil Steering Committee.  Cybil is the portal for the GFC. 

Andraz Kastelic, lead cyber stability researcher, Security and Technology Program for UNIDIR.  And UNIDIR established and runs the cyber security portal that UNIDIR set up. 

Enrico Kalandro, Co‑Director of the Cyber Security Capacity Center for Southern Africa at the University of Capetown, and Senior Research Associate at Research ICT Africa. 

So let me start our discussion by asking each of you some questions, some targeted questions.  Louise Marie, you recently set up a new cyber security portal in Brazil.  What did you learn from that, and how did the network of portals help you setting that up? 

>> LOUISE MARIE HUREL: Thanks so much, Chris.  Hi all.  It's nice to see so many familiar faces but new faces as well, from whichever part of the world you are connecting.  Thanks, Chris. 

So just a brief contextualizer.  Igarape Institute connects local and global agendas on security, and digital security is one of them.  Throughout the years, we have been working a lot on establishing gov tech and civ tech to support crime rates, mapping gender‑based violence across different cities in Latin America, mapping refugees across Latin America as well.  When we think about cyber security, it is often seen as a very thorny and difficult and perhaps not that accessible kind of topic.  It wasn't for certain when I started researching this.  It was really hard to find information.  So what we found, at least in the Brazilian scenario, is that it's too complex and too technical.  That is not just specific to Brazil, but I am guessing like we share different similar challenges here.  It's fragmented in terms of roles and responsibilities across the public administration.  And it's often criticized, at least in Brazil, for being very militarized.  So how can we actually portray the multi‑stakeholder aspect of the different policies that is have already been developed in Brazil specifically? 

So we try to map this ecosystem and also kind of establishing the portal as a way of making access to that kind of knowledge more easier for researchers and policymakers as well.  So as you said, we launched the Brazilian cyber security portal in 2021 at the beginning of the year.  So how did the network help us in kind of pushing this forward?  I have basically spoken to almost all of you at a certain point of the development of the portal.  I think that's really important to ensure that we are not, you know, doing double efforts or trying to reinvent the wheel, rather than in the process of developing a portal, thinking about how can we establish knowledge that is accessible to a particular community but also speaking globally.  So the portal is also in English.  So that was something that we wanted to do.  You know, not only create knowledge that's situated in the Global South, but also in a way to communicate it externally.  And the network of portals was just amazing, and just having that shared experience of what does it mean and think about the process of making that kind of knowledge more easily accessible. 

So the observatory from the OES has overlaps with the Brazilian portal, for example.  The UNIDIR has overlaps in terms of the Brazil profile over there.  It's really important for us to keep that communication open beyond just the interface.  And the lesson learned for me, I would say, is the portal needs to speak to the scope it was covering.  So in that case, we were really diving deep into the national ecosystem.  And the idea, you know, you can see timelines in other portals, but in our case, we not only created a timeline; we created a network representation of the different actors and sectors and linking the different policies that they developed.  So that is kind of the way in which we could portray what was a national environment, which is very different from other portals.  So always trying to contextualize that, learning from the other portals as well, but creating something new that can help us represent that kind of knowledge in a new way. 

So I would say these are the two points. 

>> CHRISTOPHER PAINTER: Yeah, thank you for that.  It's interesting that just a few years ago, there weren't any portals or the portals were in, I think, far less developed stage than they are now.  So certainly I share your original concern that it was hard to find stuff out there, but it's god to have these things out there now.  So thank you for that. 

Stephanie, you are the chair of the civil portal's board and work on the digital Watch website.  How do you see the state of cooperation?  There are a number of portals out there, which I think is good.  Lots of flowers are blooming.  But you also want the garden to work together.  How do you see that going from your perspective? 

>> STEPHANIE BORG PSAILA: Thank you, Chris.  Hi, everyone.  It's good to be here with you. 

Yes, as you both were saying, Chris and Louise, a lot of flowers in the garden, but it's important for the gardeners to be able to work together.  Because the garden is big.  So lots of work to do. 

But to answer directly your question, state of cooperation is looking good.  Obviously, there is more work to do, but there are early very good signs, I would say.  So that's the short reply to your question. 

A bit of a longer reply is the following.  So as you are saying, I represent both sides, so the Cybil portal is a library of almost 800 international projects.  That's a lot.  It's a very rich site, and it serves as a good tool for practitioners working in cyber capacity building.  Digital Watch is different.  It looks at 50 topics under the broad definition of digital policy.  And there's also the aspect of resources.  Not so much the focus on capacity building.  I would say that's just one of the topics that are covered under the Digital Watch, but the idea is broad thematic coverage. 

In terms of cooperation, this is something that the Cybil Steering Committee ‑‑ and here I am wearing the hat of the chair of the Cybil Steering Committee.  The Steering Committee's working, taken as a priority this cooperation between/among the portals.  And a good example was a good coordination this year between Cybil and UNIDIR's website, and I would say we appreciate the fact that they let us know their update plans beyond the interface and created the shared online spreadsheet and their table so we could see the new resources that they are adding to their site, so that's very much appreciated. 

So yeah, I mean, the cooperation is there.  The idea is even when it comes to new portals, which do pop up every now and then, the idea is not to reinvent the wheel.  Avoid duplication of efforts.  That is why cooperation needs to be strengthened a little bit, and the portals, at least representatives of the portals, need to come together every so often. 

But I'll have a few more ideas further on in the session.  So back to you, Chris. 

>> CHRISTOPHER PAINTER: Thank you for that.  And you know, I think that you raise a good point, that all the portals are not necessarily scoped in the same way, which is important because they don't have to be.  It's just interesting.  It's important, though, for people to know what the portal is meant to encompass, what its focus is, and when you cross‑link between them to make sure that people understand that because there are a lot of things that people want to find out in this area, not solely capacity building, but certainly an entree point for a the lot of it, but not only that. 

I should note for folks at the call, if you have not looked at the chat, there's a couple, I think, important things.  One, Kathleen Bei from GFC has posted links to each of the portals from our speakers.  So if you are interested ‑‑ and I hope you are ‑‑ please check those out after the meeting, after we are done.  And then the other thing that she notes is when we were going to go have an open discussion in the latter half of this meeting, so please have questions ready.  Use the Raise Hand function so that we can call on you and have that discussion when we get to that point.  Or at least phrase your question for the panel. 

So Andy, let me turn to you next.  You work on UNIDIR's cyber security portal.  Do you have any updates, which I know can be trying, and listening to the experience of the requests of our users because I'm sure that's part of the process of updating is what works, what doesn't work, and what serves your community. 

>> ANDRAZ KASTELIC: Sure.  Thanks for your question, Chris, and for your dedication of moderating this in the middle of the night.  I am pretty impressed.  Bringing the coordinators of the portal, I think this is the first time we are all sitting together for this event, and of course, to IGF for creating the platform. 

The policy and legislation profiles of the states is constantly a process for us.  The information thank is scattered has been evolving pretty much daily since the beginnings in 2019.  This year alone, I think we are close to 140 updated profiles this year.  But yes, there's a different side as well of these updates.  We update also the functionality, user interface, and so on, and we have made a lot of improvements this year to the portal. 

For us, the feedback of the users is obviously the driving force to changes in improvements for the user interface and functionalities.  And thanks to our users, we have actually identified what they may be interested and not.  And one thing that popped up this year was the views on international law.  It's a subcategory that we have added recently to the portal, and it's quite popular with visitors. 

I mean, having said that, first and foremost, CBP is a confidence‑building tool.  It's aimed at reducing potential misunderstanding among the UN Member States, something that has been recognized by in reports this year.  I bet it doesn't come as a surprise if I say that States are the most important audience for us.  But these views on international law, for example, the collection of the views provided by Nation States has been requested frequently, actually, by the research community.  So we try to serve them as well. 

Of course, we have to constantly prioritize.  The team behind the PPC has some quite futuristic ideas for the future, we have to balance with our capacities, the capacity of the development team, and the potential impact, obviously, of each of these improvements. 

I guess the most important lesson would be to actually listen to the users.  I know that sounds a bit obvious, and I apologize for that, but I theorize that's probably not followed as much as it should be, and it's quite easy to get caught in the excitement of new things, new features, creating new features, just for the sake of features themselves.  While actually being disconnected, probably, further from the target audience.  I think that would be it for now. 

>> CHRISTOPHER PAINTER: So I mean, a couple things you said, obviously, are interesting.  One is just the constant push to make sure you are updating.  This has been a banner year in terms of countries talking about how they view international law, for instance, coming out of the GGE, where that was one of the voluntary tasks that a number of countries did.  And second, I think you make the point that listening to users ties in very well with ‑‑ the GFCJ had its annual meeting, and theme of that was more of a demand approach.  We see this in capacity.  It's great to have all these capabilities that we offer people, but if it's not meeting their needs, it's a mismatch and not helpful, especially when we have limited resources.  So thank you for that. 

Let me finally, let me go to Enrico, then I will go to more general questions.  You use these portals as a researcher and a project implementer.  So from your perspective, what's your experience with using these portals, and what difference do they make to your work? 

>> ENRICO CALANDRO: Thank you.  Thank you very much, Chris.  And hi, everyone. 

So my experience with these cyber portals, both as a researcher and as a project implementer, has been overall positive.  So from my perspective, they are useful for three main reasons.  And those are research, dissemination, and as instruments for cyber capacity building and training.  So let me explain to you why. 

So first, of course, they are useful for research purposes because, as has been said, they aggregate, organize, and make available research, analysis, and also data sometimes.  So they can be useful for mapping existing policies on digital issues and on cyber security.  They can help identify gaps in policy and regulatory development and allow to zoom in specific countries or regions.  They can support both the thematic analysis of cyber security issues but also understand the geopolitical landscape on digital and cyber policy. 

And finally, when research, analysis, and data has been collected and organized longitudinally, when that happens, they allow also to understand developments also across the factor of time, which is a very important one. 

Second, they are also useful for dissemination purposes, and that's really important from a researcher perspective because they will allow researchers, academic, and others, and think tank organizations, for instance, but also government in some cases and private sector, why not, to reach a wider and specialized audience. 

For instance, just to mention a portal that is not part of this discussion, the African portal, which is widely used by research, ICT Africa, maybe a researcher doing research on the African continent.  It works as a mutual hub and research repository which includes expert analysis on African affairs.  So not only cyber, but broader African affairs.  And what is good of that is that it publishes and promotes research and analysis on different African issues from different think tanks.  And thought leaders ‑‑ academics, researchers, journalists, industry experts ‑‑ on policy issues on a variety of fields.  And because it is open access, is an open access research repository, very important for dissemination of research, it holds reports, occasional papers and policy briefs, which are available for free and full text download, which is not always the case, especially for with academic publications. 

And all the publications are provided by the partners of the African portal.  And so it really allows for this wider dissemination of the research for an African and even global community. 

And third, I believe these portals are really useful as instruments, as we said, for cyber capacity building and training.  For instance, Cybil has got a full section of tools, and it really allows to filter content by themes, topics, text, type, actor, year, and therefore to access a highly specialized knowledge on a number of important issues related to cyber, digital policy issues, and other highly specialized areas related to the work that we do. 

I would stop here for the moment.  Thank you

>> CHRISTOPHER PAINTER: Thanks for that, and you know, I take your point about not everything is available in full text form.  Since I switched to starting to write some articles recently, I found that to my surprise.  It's not always easy to get to those things.  If you are not a full‑time academic.  So I think it's very helpful to have that. 

Let me open up the aperture a little bit and ask all the panelists a question.  So you know, I ask any one of you to jump in.  I ask you, make this conversational.  So we talked about the value of these portals.  How can we work together to promote these websites and help users know what information is available to them?  What kinds of things can we do to encourage that?  And this is an open question to any of the folks, any of the four of you. 

>> STEPHANIE BORG PSAILA: I will volunteer to jump first, Chris, because it sort of builds on what I was saying earlier. 

So perhaps two suggestions from my end.  I think it would be good to have a virtual meeting, one more regular, the portals in 2022.  So essentially, it's bringing the portals together and just sharing updates and plans.  So an open ‑‑ let's say an open channel of communication among the portals. 

And related to this ‑‑ very related, actually ‑‑ it's joint communications.  For instance, a newsletter once every two months, a portal.  Here I have an example from Geneva, which is where our Geneva platform operates from, obviously, and there's a good example of a newsletter called the Geneva Platforms, and essentially, it's automatic.  So it brings updates from the different platforms that exist in Geneva, and once a month it publishes all the updates from the different platforms.  So we evolved because of digital policy, but the themes are varied.  So the thing that binds them together is literally the word "platforms."  But there could be something similar for portals, so essentially portals with different themes, different scopes, and just having updates there for people to see.  So those ‑‑ I am throwing out those two suggestions. 

>> LOUISE MARIE HUREL: Let me just jump in, and sorry, Chris.  Is it okay?  Yeah. 

>> CHRISTOPHER PAINTER: No, it's great.  It's exactly what I wanted. 

>> LOUISE MARIE HUREL: No, that's great.  So I just wanted to add two really quick points because I think there are two dimensions to how we can think about promoting each other's kind of work.  I think, obviously, there is the internal coordination between different portals to ensure that we are not, as I said, like reinventing the wheel and seeing how we can potentialize the synergies that we have.  So that is one element of that.  But there's also kind of the external element.  And one thing that I think was very useful, especially our chat with, like, UNIDIR throughout this whole process, was to reference each other's work.  Be it in social media, whenever we are promoting kind of each other's work, or just ensuring that, you know, we can have a page in our own kind of, you know, portal that kind of references other portals.  I think that is a low‑hanging fruit, which is basically linking things and creating a static page because we know building portals also includes having the funding, having the capacity to actually update it continually.  So I think just having a cross‑reference across different portals is also very low‑hanging fruit that we could do and actively kind of promote that and kind of just say periodically, oh, these are the other portals that are available out there.  So these two dimensions I think would play out very well. 

>> CHRISTOPHER PAINTER: Thank you.  Others? 

>> ENRICO CALANDRO: Just to jump in to what Louise was saying, I support what she was saying on references these portals, and it's really important also from our research and research perspective.  So to add the reference in your piece of work to the specific portal, it would increase their credibility.  And of course, the community reading your work would see where, what's the source of why you are data on your information, and would have, certainly, an important impact on promoting the use of these portals for research purposes. 

Second one, also try to increase as much as possible the instruments for interacting with the wider community behind these portals.  So the possibility of submitting your work, of reviewing periodically.  I mean, we should not underestimate the power of users able to review the work or information on data that has been published on these portals.  Of course, that needs to be done somehow in a specific and structured way, but it should not be underestimated.  So I believe that to provide instruments and possibilities for the wider community to interact with the portal by double‑checking the data, updating the data, publishing their own work and information would be very important for promoting the use of these portals. 

>> ANDRAZ KASTELIC: I don't want to be the owner on this question.  One thing that keeps coming to mind, to be honest, is the fact these portals, to a degree, have a different purpose and different audience.  Sometimes, not always, I understand that.  As I said, CPP, cyber policy portal, is a confidence‑building tool, but we do know the use of the portal for national capacity‑building efforts or research purposes, something Enrico was emphasizing.  But at the same time, we recognize that we can't be the jack of all trades, and we don't wish to be.  That's why we have a dedicated session, other resources, and things, Louise Marie and Stephanie, for mentioning your outreach and collaboration efforts in the past.  So I think that is really helping our users to look what's beyond what we offer because I don't think we want to the offer everything. 

Another thing is perhaps we should cooperate more in our outreach and user engagement activities.  This today is a first example of this, and I applaud to the organizers, but perhaps we should tap into our networks a bit more.  Make use of them in promotion of our portals. 

>> CHRISTOPHER PAINTER: Great.  Thanks.  Those are all good suggestions. 

As you look at the landscape, you know, Andy made the point that there are different focuses, and that certainly makes sense.  You don't want everyone doing the same thing.  There are overlaps.  That's inevitable and great.  But as you look out there, all of you, the websites, the portals that are out there, are there ‑‑ you know, I think you have all said there's a bit of overlap, which is not necessarily bad, but are there gaps that you'd identify or things that you would say are not being covered that we need to make sure we are taking account of?  Or is there overlap that you find is not helpful?  And again, anyone can talk about this. 

>> LOUISE MARIE HUREL: Well, I can jump in.  I think on the gaps, definitely.  I mean, I am totally biased here, but I definitely think that we need to think more about, you know, national portals, regional portals.  I think that is a very interesting way of bringing or linking, for example, let's say, you know, Cybil or a higher‑level kind of portal such as UNIDIR that's trying to map policies across different countries and kind of territorialize it to a particular context to kind of bring more, and then we can start linking better kind of these different knowledge pockets, pockets of knowledge. 

     So the other point that I would say in terms of what I think might be a point of attention in thinking about these different portals, I think both cyber norms and mapping APT, so advanced persistent sponsored, date‑sponsored cyber attacks, are two of the key thematic elements that I see get a lot of attention, and there are lots of different kind of initiatives mapping that, which is great.  They are really important.  But I do think that sometimes we are kind of over‑creating.  There's like different emphases, but perhaps these are two points that have been capturing a lot of attention, rightfully so, but it might be a place that we need to consider, like, how can we leverage what's out there instead of kind of continue creating these mapping efforts of different norms and also different APT?  So that would be my two cents. 

>> CHRISTOPHER PAINTER: Great.  Any other thoughts from folks? 

>> ANDRAZ KASTELIC: Yeah, I would sort of build on what Louise Marie said.  I think in general we need to be reactive to what's going on around us.  So what's going on in cyber policy discussions, what's happening in UN processes ‑‑ well, no, it's one process.  And I am pretty sure we are going to see certain gaps emerge. 

Speaking from experience here, we did not start with an international collection of international views on applicable of international law to cyber space, and yet we saw, as I mentioned, there is a demand and also heating debate, I suppose, within the UN processes dedicated to ICT peace and security.  So I think that was our attempt to fill in the gap.  But I am pretty sure others are going to emerge.  I mean, Louise Marie had two examples.  I am pretty sure there's going to be something else as well. 

>> CHRISTOPHER PAINTER: Right.  Any other thoughts?  Go ahead. 

>> ENRICO CALANDRO: Yeah, maybe quickly, Chris.  In terms of gaps, I agree as well with Louise Marie that probably there is a need of working more on national or regional portals.  We are also receiving requests for developing specialized portals on Africa, digital policy developments.  It seems the African stakeholders would like to see something like that.  Probably because it's very specific geopolitical region, with its own characteristics, and therefore it would allow to have this kind of both thematic in‑depth and regional focus on the development of regional issues related to cyber. 

But the second point is also, I think, one has to be careful and mindful of the sustainability of some of these portals because, of course, here we are dealing with the GFCE, it's difficult to have the resources, the capacity to make them sustainable, and as Andraz was saying, to update them daily.  Meaning there is at least one resource dedicated exclusively to that kind of work.  This is of paramount purpose, especially if they are used for policy purposes.  We find out using the data on that portal.  If it's not updated to the latest one, a policymaker would say sorry, you are not saying what is actually ‑‑ rightfully as well.  So they always need to double‑check somehow. 

To have them probably highly specialized at the national and regional level would somehow allow maybe to fill in some of these knowledge gaps that might be there related to the difficulties on upgrading and updating them.  But at the same time, there is always need of understanding whether the model is sustainable because, you know, you can have a portal up and running for one year, but what about the future?  That's important and an aspect that I think always needs to be taken into account. 

>> CHRISTOPHER PAINTER: Look, I agree.  I think that's not an easy task, and I think probably that's the most resource intensive of any of the portals is just keeping them populated and up‑to‑date, and especially with the changing environment we have.  And you are quite right, they lose relevancy if they are not as up‑to‑date as they can be.  So that is something ‑‑ that's a concern and something we need to look at as a gap. 

Any other thoughts on that?  And if not, I will move to the last question.  But any other thoughts? 

>> STEPHANIE BORG PSAILA: I do, Chris, and this aspect about the resource‑intensive needs to keep the content updated is something that ‑‑ and now I am wearing the hat of the Digital Watch Observatory.  It's something we felt too.  It's the larger or the richer the content on the portal, the bigger the resources needed to keep those updated. 

We have a team of, at the moment, around 30 specialists who look at the content every day.  But sometimes ‑‑ and that's ‑‑ I acknowledge that that's a large group.  But sometimes it feels it's not enough.  So you know, since we look at digital policy from such a broad perspective, it's a challenge to keep up with all the development simply because it's so dynamic.  There are developments every day.  So going to even regional and national levels, that's a huge jump.  So the resources required for that are even, even more, you know, they have to be very large.  So in terms of sustainability, for the portals, I think some serious thinking is required.  I mean, for anyone thinking of setting up a portal, it's no joke and some serious thinking and funding also is required for the resources. 

>> CHRISTOPHER PAINTER: Go ahead, sorry. 

>> STEPHANIE BORG PSAILA: No, I just want to mention the funding aspect because basically, you need money to keep the ‑‑ you know, the experts need to be compensated for the work.  It's natural.  So there's a lot of funding required to keep things moving along. 

>> CHRISTOPHER PAINTER: Yeah, I would say two things.  One, look, I know many in this community ‑‑ I think all in this community ‑‑ are really passionate about the subject.  They want to work and want to volunteer as much time as they can.  But you have to ‑‑ you do have to fund and resource.  People have to live.  So it's an important thing.  And even in the ‑‑ and it's not always that easy raising funds for these projects.  I am hoping we can maintain cyber security and cyber security capacity building after this year when it's gotten more national and international attention, but it's always a hard issue, and it's something we need to call more attention to.  And that's a larger discussion about how we can tap into the larger, I think, development community to think about this.  And I would tell you that even when I was in the government, when we were just trying to keep our own website updated, which beam would use ‑‑ researchers and others would use ‑‑ for authoritative positions like on the U.S. Government, that was really hard.  So it's not ‑‑ it's governments share the same issues too, and a lot of our information is drop from governments. 

Let me move to the last open question, and then we are going to open it up to questions.  There's already been a number in the Chat from the audience.  If there's something that you could ask of the wider community or another organization that would make your job easier, what would that be?  And answer if you want to.  Don't if you don't.  We can move into questions too.  So this is kind of an open question if there's something you would say.  I think a number of you talked about this already.  Funding, resources, more discussion between the portals I think have all come up.  If there's anything that hasn't come up, please say now. 

>> ANDRAZ KASTELIC: Can I start?  Yeah. 

>> ANDRAZ KASTELIC: One thing that has come up is this.  If you notice there is perhaps an issue on our information, a specific profile, please feel free to raise this.  We are not perfect.  We get a lot of information from the government, but nonetheless, a lot of the profiles are updated through desk research.  So I think that would be ‑‑ flagging of an issue would be immensely appreciated.  That's one. 

And second, I think it's very clear, also, any potential issue that we may have with a user interface or, you know, the request for a new functionality, something like that.  I think all these things would be immensely appreciated. 

We actually have a dedicated feedback form on our website.  We get quite a lot of information through that.  More and more so, to be honest.  And I think that's something that I'd encourage to use, not only my fellow panelists, but anyone that may be interested in this area. 

>> LOUISE MARIE HUREL: Sorry, Chris.  Go ahead. 

>> CHRISTOPHER PAINTER: No, no, I just said great.  Go ahead. 

>> LOUISE MARIE HUREL: I was just going to add to what Andy was saying right now because one thing that as soon as we launched ‑‑ I think there are two things here.  Like the first one is, you know, how do we build these places where people can actually feed into and goes back to Enrico's point.  We actually have a feedback ‑‑ not a feedback, but it's really like a data input form, and people have really kind of reached out and kind of said I don't understand.  Aren't you mapping more cyber crime nationally?  And that is really interesting because it was like from people in the federal police that were working with these things and reached out through that particular element and thought they could add to the experience of mapping the national landscape.  And one thing that I think we are really, really open about is that we are not trying to kind of be, you know, exhaustive here.  We are really leveraging the knowledge of these experts.  So I think, you know, looking from that perspective just gives the user so much more power to kind of build collectively this knowledge base. 

And the other point would be definitely kind of to bring, as I said, you know, how can we communicate better, you know, the different national developments?  And because, as I said, in Brazil for example, like cyber security and cyber crime are very much related in terms of roles and responsibilities.  I mean, that's not exclusive to Brazil.  But just having that perception and being able to communicate that externally is absolutely amazing.  So yeah. 

>> CHRISTOPHER PAINTER: Great.  Go ahead. 

>> ENRICO CALANDRO: No, please, Chris. 

>> CHRISTOPHER PAINTER: No, go ahead. 

>> ENRICO CALANDRO: Yeah, very quickly on this.  So I think it is important to consider sometimes not to duplicate efforts that are already in place.  Just to give an example, when we used to conduct research, ICT Africa, our ICT access used survey producing these big data sets on a number of African countries.  We found ourselves in the position of whether we should have our own dedicated portal for that highly specialized data set or maybe to use another portal.  And we decided to use another one, another repository that has got already a number of data sets simply because we don't want to reinvent the wheel.  There is somebody that does the job better than us.  We do research, collection of data, curating the data, let's do that rather than to add a component of portal.  So from our perspective, it would be better at that point to say let's collaborate with the portal, let's be part of that repository, you know, what's what it does, highly specialized on data repository from different sources, across different teams and organizations.  So I think that would help the community, considering that there are already existing portals that do that kind of job of aggregating the kind of information, let's rather use them because they already, as we said, team of doing that kind of work of aggregating data and information. 

And secondly, I am wondering also up to what point these portals can be used also for internal tools.  So not only as an interface for the public, but somehow also to benefit internal communications or work that is done at an organizational level.  I guess the UNIDIR portal is probably used by their researchers for their own purposes.  Similarly I am sure the Cybil portal is used by the GFC community and team as well for their own research.  So sometimes you see duplication.  Using portal for their own purposes, internal communication, and external for the broader audience.  So I am wondering if sometimes it would be better to merge these two processes and to use one point of access, both for internal and external issues. 

>> CHRISTOPHER PAINTER: And also, as it was pointed out in the Chat too, to share practices on how these portals are being set up, what the back end looks like.  As you say, what features they have I think is useful.  Both because one could serve as an an example to another, but also the duplication point you made. 

I want to open up to the audience for questions, and both questions from people who are dialing in and want to share their experience running or using a specialist cyber portal or a participant that might want to say what they find more valuable, what sites they find most valuable. 

We have a couple questions that have already come up from the Chat.  One of them from Carolin Wisner is do we have any way to know how many users the websites and the capacity builders' networks have in common?  Is there any overlap?  Does anybody have a good sense of that or is that something at this point unknown? 

>> STEPHANIE BORG PSAILA: Chris, when it comes to the overlap, the number of users visiting a website, that's easy to know because there are tools such as the analytics to tell you that.  When it comes to users' overlap, that is a bit difficult because the analytics will not tell you who the users are.  Plus there are all sorts of data protection issues, so you can't really, first, know.  Second I, even if you do, which is very difficult, I don't think that's ‑‑ it's even possible to share information about that, you know, with other portals. 

But Carolin's question brings to mind the point of the user awareness.  So in terms of numbers, how many users use each portal, I think that's very useful to share, and I can tell you immediately that the Cybil portal, it grew from 1,000 users a month to 3,000 users a month last year.  So that's a significant increase in the number of users.  But still, we feel that that's not enough.  We think that there are still a lot of people out there who can benefit from the Cybil portal but still don't know about it.  So there is ‑‑ I personally feel there is an issue of a lack of awareness.  So there is no one space online where you can see ‑‑ or at least I am not aware of it ‑‑ where you can see all the different portals out there. 

What there is ‑‑ and it's just been published ‑‑ is a study that Diplo carried out, and it was funded by ‑‑ it was actually mandated by the GFC and funded by the Government of Canada.  It was a gaps analysis of cyber capacity building tools.  And we did a review of the portals out there, so somewhere there is a list in the study which is online.  I know it's not the same as having it on a portal, for instance, having the list there.  But my point is that one thing that we found in conducting the study is, again, the lack of awareness of these tools, including the portals.  And we felt it is a bit counterintuitive because there is so much information out there, you know, we receive emails, we are on social media, we are exposed to so much information, and yet still people don't know about the different portals.  So there's a lot of, perhaps, noise, and the useful information about the portals is not getting through to the people who need it. 

The study focused on diplomats, that's true, but I think it's judging from the number of users that Cybil has, I think it's a more, let's say, generic issue about the lack of awareness.  So that's something that when we think of cooperation among the portals, that's something that we can also build on.  For instance, the portals internally, even if not here, this is a public event, but if portals getting together and sharing the number of users they have every month, seeing how the number increases, seeing how they can work together to promote the other portals, why not?  This is part of the cooperation; right?  So yeah, I will leave it at that.  Chris, back to you. 

>> CHRISTOPHER PAINTER: Thank you for that.  I think it is hard to see where the overlaps are.  I take your point.  And sort of this cross‑promotion that several of you raised in the beginning of the session I think is helpful for awareness purposes.  And another is just to get a sense from users what they find valuable and what they don't, and maybe even what other portals they use as you do surveys or feedback from users.  And that's really the second part of Carolin's question.  Do any of you have an example ‑‑ I am sure you have many examples, but one that you'd like to say today ‑‑ of a user that found your portal particularly helpful for doing their work, and how did it enable their work in the end?  This is a value proposition.  We don't see that just by the numbers who come from the portal.  It's more feedback we get orally or written from the users.  Anyone have a story they want to tell?  Don't all jump at once. 

>> ANDRAZ KASTELIC: I must disappoint you.  It's not a story.  I am sorry about that.  It's a bit of a bullet point list of things that I think was quite rewarding to hear.  We have quite a lot of testimonials on our social media platforms from a variety of users, so it be governments, researchers, private entities or private sector.  So I think that is something that's quite rewarding to know that we are on the right track. 

Second, which I understand it's very context‑specific or very cyber policy‑specific, but I need to repeat the fact that we were explicitly mentioned in the OWG and GG reports of 2021 was a big recognition also for the portal.  And I think the fact that we are on the right track.  Those are two ‑‑ unfortunately, again, not a story, but still quite useful, I suppose. 

>> CHRISTOPHER PAINTER: Great.  Anyone else want to jump in?  I do think ‑‑ at least I have heard from many people that these portals are very helpful.  And useful because if they know about them.  This goes back to the point they have to know about them first before finding them useful.  But I have heard from many people that these collections, which have different focuses but are very helpful ‑‑ the GFC one, certainly the capacity‑building communities find that helpful because of the number of products, the fact that they are updated and they deal with such a range of topics has been very helpful to them.  And then part of that is, you know, a lot of the chat I am seeing now deals with some of the technical issues of setting up a portal.  So there is the actual content issues, but there's the back office, back room, how do you set them up? 

And one little conversation between Louise Marie and Robert Colette is exactly on this point, that just the technical aspect is useful to share among people, but Robert makes, I think, a very interesting ‑‑ or Louise makes a very good point that when you set up a security portal, for instance are the GFC, you are instantly set up for attacks.  So you have to think about security issues as well.  Louise, I don't know if you want to talk about that for a moment. 

>> LOUISE MARIE HUREL: Yeah, absolutely.  This is something that is kind of funny.  Like when you look at it from that perspective.  In a sad way but in a good way.  Let's say.  Setting up a portal involves so many dimensions.  As a researcher, project coordinator kind of function, you have to oversee all of these things, and you need to kind of plan knowing what you need to plan for.  Just having this conversation across different portals about what you need to include when you are thinking about setting up a project for a portal is absolutely fundamental.  And I don't think sometimes we consider, like, the security or having, you know, budgets ‑‑ a part of our budgets that actually cover security for that infrastructure that might possibly need to be a little bit more sophisticated than your usual kind of security of your organization, let's say, or of different portals that you have set up.  So I think having that in mind, which is kind of mundane, is important for bridging aspects of what you put out there together with what do I need to actually make sure that this platform, that this portal will be sustainable.  And independently of different, you know, backgrounds or different regions or different funding capacities that you might have, that will allow you to plan in a more concrete way of what you can achieve with the funding that you do have.  Obviously, we do, as Andy said previously, we can have beautiful futuristic kind of plans of how we can visualize things in a very interactive way, but you know, what can we do to optimize what we have right now and have these criteria very laid out?  So I think this conversation is one of the types of conversation that would be useful for a network going forward.  You know? 

>> CHRISTOPHER PAINTER: Let me raise that question, since we are getting toward the end of our time.  And I have been told we have to end on time absolutely by our organizers.  You know, this has come up a few times.  It seems to me it's a good idea, but I really want to get your guys' sense of this.  This meeting, to me, mass been very helpful just in sharing information.  Would it be helpful to have a more formal virtual meeting of portal managers in 2022 to share notes, share experiences, you know, figure out what they have in common, what they need to build, what some of the deliverables are?  Would that be something that would be useful to organize?  I see a thumbs‑up from one of our panelists.  Anyone want to address that?  Stephanie, you want to start?  You did the thumbs‑up.  A couple of you did.  Stephanie, let's start with you. 

>> STEPHANIE BORG PSAILA: Yeah.  I mean, definitely yes.  I think the question is who is going to take the initiative to organize, and I think it's something that the Cybil Steering Committee can initiate.  And there has been already work by Kathleen, Robert, Carolin, the Steering Committee itself.  Some let's say building blocks, some elements for this. 

>> CHRISTOPHER PAINTER: Great.  Others on the call? 

>> LOUISE MARIE HUREL: Yeah, absolutely.  I think perhaps one way of thinking about this is, you know, we started a conversation here about what kinds of things you might consider when setting up a portal.  Independently of the funding that you have, maybe think about this, you know, linking out both the back end and the content kind of end and trying to kind of communicate that with the wider audience that's interested in building their own portals, just sharing that information, structuring it in a way, so I think that would be something that would kind of focus the work of these conversations, beyond just sharing best practices, which I think is really good.  But tying that to, perhaps, the work that the GFC has been doing.  I think that is a very interesting way of just structuring ideas around cyber capacity building from the perspective of the portals. 

>> CHRISTOPHER PAINTER: Right.  I think the Steering Committee and the GFC can take that on and will be in touch on that. 

Just in one minute or less ‑‑ actually, less than one minute ‑‑ just 30 seconds ‑‑ any other concluding remarks you guys have before I kind of wrap it up with some concluding remarks and recommendations?  If you have them.  You don't have to have them, but go ahead.  Anything else anyone wants to add? 

Well, you know, thank you for this.  It's been a very rich discussion, I think.  And you know, the GFC is certainly very pleased to support this event because that's -- really we are about supporting each other, international cyber security agenda, but also help all these other things, as people said, the regional approach, national approach, the more focused approach.  And there are a lot of things I heard in this meeting that I think are, as we said, it's always nice to have a meeting where you have concrete recommendations.  And there are a lot of them.  Everything from collaborating in terms of the back end of portals to cross‑promotion to linking between portals, to really awareness.  I think one of the key things I heard from many of you is just making sure people are aware of this.  And making sure these portals are actually useful and current and the updating issues and the resource intensity of that.  But also I think that cross‑communication will help with that as well.  So you know, I learned a lot in this in terms of what ‑‑ I have used several of these portals myself, and I always find them very, very helpful.  And this is a relatively new concept, but one I think will grow as people become more aware of it.  And we go into additional sessions, both in the UN system and regional systems and the GFC community, these will turn out to be, I think, even more valuable for folks as resources. 

A couple of the other issues is, as I said, placing more sign posts on portals to other sites in the network I think are helpful.  We mentioned doing more joint communications on our sites.  For example, the GFC magazine could have an article on the network of websites and talk more about that.  We have had some point of that in the last issue, but going further on that.  And you know, I do think there's a lot of support to have a call in 2022 to get folks together.  And I welcome suggestions, both from our panelists and other people listening to this call, on everything we've talked about today, how we can strengthen this ecosystem, and how we can take this forward.  Because it's really, I think, meant to serve the larger community, but it's also a community effort. 

So with that, I want to bring the panel to a close.  I want to thank all of our panelists for their great comments.  But also for all the work they put in because, you know, it's not just showing up on a panel.  It is all the work you are doing both behind the scenes and in front of the scenes, which I know is not easy, but it's much appreciated by, I think, the entire community.  So thank you for that. 

>> ANDRAZ KASTELIC: Thank you, Chris.  Thanks for having us. 

>> ENRICO CALANDRO: Thanks, Chris, bye, everyone.