As discussions around all things digital become increasingly mainstreamed, cyber capacity building has established itself as a key component in the development agenda.
Capacity building, broadly defined as — “stimulating change by developing or strengthening the capabilities and competencies of individuals, institutions, governments and societies ‘at large,’” with an emphasis on the need for processes “to be driven ‘from within’ with external actors providing support” — has seen organizations and governments investing in a whole range of initiatives. These can be commonly categorized into cybersecurity policy; cyber incident management and critical infrastructure protection; cybercrime; cybersecurity culture and skills; and cybersecurity standards.
The inclusion of cyber in capacity-building agendas is a welcome development and has seen innovative efforts spring up across the globe. In the growth of this space and activity of its participants, the need to map what is happening, what works, and most importantly what doesn’t is increasingly important. A genuine concern to avoid duplication, at the very least, and encourage collaboration has seen a proliferation of studies and surveys to map existing efforts.
In a attempt to help realize this approach in the Pacific, a group of regional cybersecurity experts and practitioners undertook an ad hoc exercise during a 2018 Asia Foundation Cybersecurity Workshop in Port Moresby, PNG, to develop a shared document.
As a group, our objectives were to map initiatives and share local contacts to build a network of experience that all could draw from.
Building on this initiative at this year’s Cybersecurity Workshop for Stakeholders in the Pacific, organized by Global Partners Digital, the document looks to host this information in a transparent and open way, to be used idealistically, and perhaps naively, to build better informed and more impactful initiatives.
Such initiatives discussed included the establishment of National CERTs, joining PaCSON, having a cyber strategy and/or adopting a cybercrime legislation.
This is an earnest attempt to create a public resource, an independent, crowd-sourced map of initiatives undertaken in the region aimed at helping collaboration across the Pacific.
It’s a bit of an experiment, but we hope the community can come together to contribute and get value from this attempt to increase peer-to-peer collaboration and information sharing for cyber capacity building.
Let us know if this effort is useful, how it can be improved, and do share your contributions to make the platform more meaningful.
The document is available to read and comment on directly or you can send comments, questions, and additions to myself or Klée.
Contributors: Klée Aiken
Editors note: The 2018 Asia Foundation Cybersecurity Workshop was part of a larger technical training project – which will conclude in March 2020 – and was coordinated by The Asia Foundation (TAF) in partnership with the APNIC Foundation. The project is being funded by grants from the Australian https://dfat.gov.au/international-relations/themes/cyber-affairs/cyber-cooperation-program/Pages/cyber-cooperation-program.aspxCyber Cooperation Program and New Zealand’s Ministry of Foreign Affairs and Trade. The Asia Foundation is planning to hold a second follow-up workshop in PNG early next year.
The Global Forum on Cyber Expertise (GFCE) is also hosting a Pacific regional capacity building workshop on Melbourne, Australia in mid-February 2020 along side the Global Cyber Security Capacity Centre (GCSCC) Oceania Cyber Security Centre (OCSC) Conference that, like the doc, will aim to map efforts/needs, reduce duplication and promote collaboration.
Cherie Lagakali is an ICT consultant based in Fiji.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.
Cherie, great article capturing the cyber security efforts in the region. One weak point in cyber security would be the acts of uninformed internet users. In my opinion, Cyber security capacity building that includes Cyber security awareness would be a healthy approach.