Cybersecurity Policy and Strategy

Cybersecurity Policy and Strategy is one of the five thematic streams of the GFCE’s work, as codified in the GFCE’s Delhi Communique.

Within this theme, the GFCE facilitates dialogue, collaboration and information sharing on cyber capacity building as it relates to the topics of: National Cybersecurity Strategies, Capacity Assessments, Norms and Confidence Building Measures Implementation, and Cyberdiplomacy.

Working Group A on Cybersecurity Policy & Strategy

The GFCE’s multistakeholder community comes together to share, shape and form knowledge on specific issues related to cybersecurity policy and strategy in Working Group A. The main objective of the group is to help countries and other stakeholders strengthen their policy and strategy making capacity, and to create a space for multistakeholders to share expertise and learn from one another. The Working Group has also created a dedicated platform to discuss developments taking place in UN international negotiations through a special “Capacity Building and the UN Processes” series, in collaboration with the GFCE Working Group on Cybercrime.

Reports and Deliverables

• 2022
  In 2022, the Task Force on Strategies and Assessments developed an interactive web-based tool from the deliverable “Catalog of Project Options for the National Cybersecurity Strategy (NCS) Cycle”, with support from the US State Department. The online Catalog was translated into French and Spanish to broaden its reach and improve accessibility. The Task Force also published the “Short Guide to Stakeholder Engagement on NCS Development” and kept an overview of new, planned and in progress National Cybersecurity Strategies. The Task Force on CBMs/Norms Implementation and Cyber Diplomacy is launching a new series on the UN cyber processes (GGE, OEWG and AHC), in collaboration with Working Group C on Cybercrime. The recurring sessions will delve deeper into the processes from a cyber capacity building lens and is envisaged to build greater understanding on the synergies with the GFCE ecosystem.
• 2021
  In 2021, the Strategy & Assessments TF finalized and published the Catalog of Project Options for the National Cybersecurity Strategy (NCS) Cycle and the Global Overview of Existing Cyber Capacity Assessment Tools (GOAT). The GOAT is available in four languages and the Catalog is currently available in two languages, with two more on the way in 2022. The Catalog will also be turned into an interactive web-based tool in 2022, supported by the US State Department.In the spirit of knowledge sharing and coordination, the TF has developed an internal database tracker on National Cybersecurity Strategy and Assessments, facilitating the tracking and sharing of updates raised during TF meetings.Another highlight of 2021 is the initiation of a joint collaborative project with Working Group B TF CIIP on developing a Guide for the Process of Identifying Critical National Infrastructures (CNI). The TF presented its work during the GFCE Showcase Meeting in September and identified three research topics for the Global CCB Research Agenda 2022.
• 2020
  To help countries know what types of support activity are available for the National Cybersecurity Strategy cycle, and to help programme managers design projects, the Strategy & Assessments Task Force developed a ‘catalogue’ of examples. A draft of the catalogue was prepared for the GFCE Annual V-Meeting 2020 and will be finalized for circulation by early 2021. Based on the outcome of the Cyber Capacity Assessments webinar in April, members of the Strategy & Assessments Task Force came together to form a project team to develop an overview of the existing tools to assess cyber capacity of countries. The project will be finalized in February/March 2021.The CBMs, Norms Implementation and Cyber Diplomacy Task Force developed an introduction paper on CBMs as they relate to cyberspace in 2020 (available in English and Spanish). During the GFCE V-Meetings in May, the Task Force organized a session on Capacity Building and UN Processes; which saw the participation of the Chairs of the UN GGE and OEWG. The aim of the session was to provide an update on the UN OEWG and GGE processes, and to elaborate on the role of capacity building in implementing the outcomes of such discussions. The Task Force has also put together a living overview of the existing capacity building initiatives and trainings on the relevant topics.In 2020, both Task Forces submitted a total of 6 research ideas for the Draft Global Cyber Capacity Building Research Agenda 2021.
• 2019
  In 2019, the Task Forces focused on mapping existing initiatives and available tools related to their respective topics. During the GFCE Annual Meeting 2019 in Addis Ababa, both Task Forces organized workshops for the beneficiary community.The CBMs, Norms Implementation and Cyber Diplomacy Task Force developed a whitepaper on Cyber Diplomacy. The Strategy & Assessments Task Force supported Sierra Leone with their Clearing House request (still ongoing), bringing together implementors and donors to discuss Sierra Leone’s priorities and how the international community could support them at the GFCE Annual Meeting. The Task Force also used the GFCE Annual Meeting to help coordinate strategy support projects in West Africa, in partnership with ECOWAS.
• 2018
  The Working Group presented a collection of interviews on national cyber strategies with cybersecurity specialists in Norway, Mexico and Senegal.Recognizing the importance of the ongoing international cyber negotiations and the need for greater cyber diplomacy capacity, the Working Group split into two Task Forces during an informal meeting at the Internet Governance Forum (IGF) in November 2018.