IGF 2022 Open Forum #44 Enhancing cybersecurity of the National Administration

Time
Tuesday, 29th November, 2022 (14:20 UTC) - Tuesday, 29th November, 2022 (15:20 UTC)
Room
CR4

Panel - Auditorium - 60 Min

Description

The Open Forum will explore the different national and regional organizations, structures and perspectives of the different administrations which have a role and aim to enhance cybersecurity at the national level.

The panel will exchange experiences and ideas to enhance the present infrastructures and will also review the challenges that all countries experience, like the lack of human resources, the need for general awareness and training and the need to create capacity building spaces and activities.

The Open Forum will be organized as an online activity with the moderation of a MAG member present in the room, Mr Roberto Zambrana from Bolivia will contribute with the moderation.

Organizers

Director of Cybersecurity - Undersecretary of Information Technology - Secretary of Public Innovation - Chief of Cabinet of the President of Argentina

South School on Internet Governance

Dominios Latinoamérica

CCAT LAT - Centro de Capacitación en Alta Tecnología para Latinoamérica y el Caribe

Speakers

Speakers:

Wolfgan Kleinwaechter - Professor Emeritus at the University of Aarhus

Regine Grienberger - Ambassador for Cyber Foreign Policy - Germany

Liina Areng - Regional Program Lead at EU CyberNet
 
Cesar Moline  - Director de Ciberseguridad, Comercio Electrónico y Firma Digital at INDOTEL
 
Kerry-Anne Barret - CyberSecurity Program Manager - Organization of American States
 
Online Moderator
Olga Cavalli
National Director of Cybersecurity of Argentina
Academic Director South School on Internet Governance
 
Onsite Moderator
Roberto Zambrana
MAG Member
Onsite Moderator

Roberto Zambrana

Online Moderator

Olga Cavalli

Rapporteur

Mónica Trochez

SDGs

12. Responsible Production and Consumption

Targets: TARGETS 9.1 Develop quality, reliable, sustainable and resilient infrastructure, including regional and transborder infrastructure, to support economic development and human well-being, with a focus on affordable and equitable access for all 9.a Facilitate sustainable and resilient infrastructure development in developing countries through enhanced financial, technological and technical support to African countries, least developed countries, landlocked developing countries and small island developing States 9.b Support domestic technology development, research and innovation in developing countries, including by ensuring a conducive policy environment for, inter alia, industrial diversification and value addition to commodities 9.c Significantly increase access to information and communications technology and strive to provide universal and affordable access to the Internet in least developed countries by 2020 TARGETS 11.a Support positive economic, social and environmental links between urban, peri-urban and rural areas by strengthening national and regional development planning 11.b By 2020, substantially increase the number of cities and human settlements adopting and implementing integrated policies and plans towards inclusion, resource efficiency, mitigation and adaptation to climate change, resilience to disasters, and develop and implement, in line with the Sendai Framework for Disaster Risk Reduction 2015-2030, holistic disaster risk management at all levels 11.c Support least developed countries, including through financial and technical assistance, in building sustainable and resilient buildings utilizing local materials TARGETS 16.3 Promote the rule of law at the national and international levels and ensure equal access to justice for all 16.4 By 2030, significantly reduce illicit financial and arms flows, strengthen the recovery and return of stolen assets and combat all forms of organized crime 16.5 Substantially reduce corruption and bribery in all their forms 16.6 Develop effective, accountable and transparent institutions at all levels 16.7 Ensure responsive, inclusive, participatory and representative decision-making at all levels 16.8 Broaden and strengthen the participation of developing countries in the institutions of global governance 16.9 By 2030, provide legal identity for all, including birth registration 16.10 Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements 16.a Strengthen relevant national institutions, including through international cooperation, for building capacity at all levels, in particular in developing countries, to prevent violence and combat terrorism and crime 16.b Promote and enforce non-discriminatory laws and policies for sustainable development TARGETS Technology 17.6 Enhance North-South, South-South and triangular regional and international cooperation on and access to science, technology and innovation and enhance knowledge sharing on mutually agreed terms, including through improved coordination among existing mechanisms, in particular at the United Nations level, and through a global technology facilitation mechanism 17.7 Promote the development, transfer, dissemination and diffusion of environmentally sound technologies to developing countries on favorable terms, including on concessional and preferential terms, as mutually agreed 17.8 Fully operationalize the technology bank and science, technology and innovation capacity-building mechanism for least developed countries by 2017 and enhance the use of enabling technology, in particular information and communications technology Capacity-Building 17.9 Enhance international support for implementing effective and targeted capacity-building in developing countries to support national plans to implement all the sustainable development goals, including through North-South, South-South and triangular cooperation Trade 17.10 Promote a universal, rules-based, open, non-discriminatory and equitable multilateral trading system under the World Trade Organization, including through the conclusion of negotiations under its Doha Development Agenda 17.11 Systemic Issues Policy and Institutional coherence 17.13 Enhance global macroeconomic stability, including through policy coordination and policy coherence 17.14 Enhance policy coherence for sustainable development 17.15 Respect each country’s policy space and leadership to establish and implement policies for poverty eradication and sustainable development Multi-stakeholder partnerships 17.16 Enhance the global partnership for sustainable development, complemented by multi-stakeholder partnerships that mobilize and share knowledge, expertise, technology and financial resources, to support the achievement of the sustainable development goals in all countries, in particular developing countries 17.17 Encourage and promote effective public, public-private and civil society partnerships, building on the experience and resourcing strategies of partnerships Data, monitoring and accountability 17.18 By 2020, enhance capacity-building support to developing countries, including for least developed countries and small island developing States, to increase significantly the availability of high-quality, timely and reliable data disaggregated by income, gender, age, race, ethnicity, migratory status, disability, geographic location and other characteristics relevant in national contexts 17.19 By 2030, build on existing initiatives to develop measurements of progress on sustainable development that complement gross domestic product, and support statistical capacity-building in developing countries

Call to Action (* deadline 2 hours after session)
Cybersecurity affects us all differently. The government perspective in terms of creating the ecosystem, the private sector in terms of creating the technology and then the end user because we are the citizens who are the absorbers of the technology.
Session Report (* deadline 26 October) - click on the ? symbol for instructions

This open forum  focused on how to enhance cybersecurity and tack I will cybercrime. Also, the efforts that are different governments are doing regarding this important issue.

In the multi-stakeholder model, the private sector and governments are singled out as the main stakeholders in the model. But, today there is no single model for cyberspace governance as it depends on different issues:  If it is about cybersecurity, the governance model will be different when it comes to domain name system management, since, governments are in an advisory capacity because all the work is done by technical experts and by registries, and many diverse capabilities on the non-state side.

One concrete proposal is the creation of multi-stakeholder drafting teams to work on certain texts to find a decision-making capacity that will remain in the hands of the government. An intergovernmental body.

 

Latin America

One of the challenges in developing countries, in matters related to cybersecurity, is to keep up to date with technology, since they tend to acquire it in other countries, depend on the budget and it is difficult to follow up on progress when there is stability in the security operation.

Another important aspect is the lack of human resources, there are not many universities that offer training courses in cybersecurity.  Especially in Latin America, many of the good human resources go to work in developed countries, that is another big challenge to be faced.

On the other hand, Latin America, on its path towards digital transformation, also faces challenges in terms of infrastructure, digital economy and e-government. It requires the promotion of proactive public policies that, for example, enable the deployment of broadband services, both nationally and regionally, social inclusion and sustainable development, and finally, the use of ICTs for environmental protection.

Specifically in Argentina, to improve cybersecurity especially in the national administration, they have a national cybersecurity strategy. A national cybersecurity committee involving several ministries and a public innovation security directorate, which issued a policy called "minimum information security requirements for national public sector organizations". This policy sets out the status of the minimum information security requirements that are mandatory for these ministries or parts of the national administration.  And the main recipients and producers of information in the country.

In the Dominican Republic, for example, alliances have been made with the private sector to bring telecommunications services to remote communities where no provider would reach. The approach to the regulator and NGOs are efforts to try to bring connectivity to the people who need it most, so that the Internet can be an enabler of their transformation.

 

EU

The EU is the world's largest provider of development aid. Through the CyberNet project it tries to support efforts by raising cybersecurity awareness among both donors and recipients.

For CyberNet the big challenge comes when designing trainings or selecting experts, as, the result must be something that the recipient can feel they have really contributed to, otherwise the work will be quickly forgotten and the policies that have been drafted and even adopted will never be implemented.

In Germany they have a national cybersecurity strategy that describes the task and responsibilities of each and every part of the public administration.

The strategy also describes the second level, which is a society-wide approach.  Therefore, the technology sector, telecommunications providers, critical infrastructure providers, academia, civil society actors, etc. are also included. Thus, the multi-stakeholder approach is reflected.

The third layer is embedded in an EU framework, where a network and information security directive, gives instructions on what to do at the national level. They have an EU cyber defense posture, and there is an EU cybersecurity strategy that describes some tasks that they do together, such as capacity building.

A big challenge for Germany is that this multilevel, multipronged perspective on cybersecurity means for the government a sense of loss of control. 

Another big challenge, is to understand the impact that developing technologies will have on national security, due to their high speed of development. 

The third challenge has to do with this delicate balance between privacy and individual rights.

The fourth challenge is misinformation, since in the German system the mechanisms dealing with this problem are completely separate from cybersecurity.

 

Conclusions:

Cybersecurity affects us all differently.  The government perspective in terms of creating the ecosystem, the private sector in terms of creating the technology and then the end user because we are the citizens who are the absorbers of the technology, we need to have different levels of knowledge and different levels of information available to us.