Avoiding gaps and duplications in global cyber capacity building

The Global Forum on Cyber Expertise (GFCE) was established in 2015 as a platform for cyber capacity building worldwide. It provides an opportunity for GFCE members to promote capacity-building initiatives and exchange expertise. The forum’s main ambitions: avoiding gaps and duplications in cyber capacity building and identifying successful initiatives to scale them to a global level. What has been achieved so far and what is in store for the years to come?

Written by: Mr. Anne Blanksma Çeta, Senior Advisor at the Secretariat of the Global Forum on Cyber Expertise

Collaboration on 11 capacity-building initiatives

Across the world, public and private organizations are investing in cyber capacities to reap the economic and social benefits that IT has to offer. Increased interconnectedness also necessitates the management of risks in cyberspace: strengthening cybersecurity, combating cybercrime and protecting online data. It is a global game, and the stakes are high. Weaknesses in cybersecurity can be exploited from anywhere; catching cybercriminals requires international collaboration and a new digital divide can stifle growth in developing economies. In the GFCE community, states, companies and intergovernmental organizations work together with NGOs, academia and the technical communities in the global effort to build cyber capacities. So far 25 GFCE members and partners collaborate on a total of 11 different cyber capacity-building initiatives.

The initiatives fall in two categories. First are the regional initiatives, which support capacity building in a certain geographical area. Three initiatives are focused on capacity building in Africa: obtaining research data on cyber trends and developments, supporting national and regional cybersecurity strategies and incident response mechanisms and the training of cyber staff. In the America’s the Organization of American States (OAS) coordinates similar programs to develop local cyber capacity, the US and Canada developed best practices for cybersecurity awareness campaigns, while an initiative in Southeast Asia focusses on collaboration to combat cybercrime.

Regional and Global GFCE Initiative (data provided by The Shadowserver Foundation)

Regional and Global GFCE initiatives

A second category of initiatives operates on a global scale. Some initiatives focus on a policy domain such as the development of Incident Response Mechanisms/CSIRTs, Responsible Disclosure policies (see page 33), Critical Information Infrastructure Protection and Internet Standards. Other initiatives offer practical tools which can be used by other GFCE members in their capacity-building efforts. Different members have already successfully assessed their level of Cybersecurity Maturity by using a model developed by the Global Cybersecurity Capacity Centre (GCSCC) at the University of Oxford. The new CyberGreen initiative helps countries and organizations assess the health of their overall cyber ecosystem.

Further pitches for initiatives on cybersecurity in the banking sector and capacity building-related research are expected during the GFCE Annual Meeting on June 1st and 2nd in Washington, DC.

Exchanging cyber expertise during GFCE meetings and international conferences

Exchanging cyber expertise at 11 international meetings

Collaboration on cyber capacity building primarily occurs within initiatives, but the GFCE also promotes the exchange of expertise across initiatives and with third parties during international cyber conferences. During the Annual Meetings, members have the opportunity to present initiatives to the GFCE Community during breakout and plenary sessions. GFCE members can also organize their own Expert Meetings, aided by logistical support from the GFCE Secretariat. So far, 4 expert meetings have taken place in Prague, Budapest and two in Dakar. During these meetings, experts exchange best practices on issues such as Responsible Disclosure and CSIRT maturity. These meetings are also interesting vehicles for the exchange of experiences across initiatives. For example, during the Expert Meeting on Cybersecurity in West Africa, the US was able to share their experiences on Cyber Awareness Raising, while the Netherlands introduced their approach to Responsible Disclosure.

Finally the GFCE also offers opportunities to promote best practices during International Cyber Conferences. In 2015 and 2016, the GFCE organized sessions during 5 such conferences: IGF (Brasil), the Meridian (Spain), Europol-Interpol Cyber Conference (the Netherlands), WSIS (United States) and the One Conference (the Netherlands).

Results, results, results

The GFCE is a nonpolitical forum aimed at achieving practical results. The current set of initiatives will start making deliverables available in 2016. Increased collaboration within the GFCE network will lead to more initiatives and activity by members and partners. The establishment of the GFCE Advisory Board consisting of 10 representatives from NGOs, the technical community and academia will provide new opportunities for multistakeholder collaboration and the impetus for new ideas. Initiatives are increasingly expected to move to the implementation phase, in which the GFCE can be used as a platform to find implementation partners and draw expertise.