In September, the Global Forum on Cyber Expertise (GFCE) hosted its annual meeting in Washington, D.C. at the Organization of American States, bringing together key stakeholders from the global cybersecurity capacity building community. The GFCE was launched in 2015 with a mission to strengthen international collaboration on cyber capacity building and now has over 200 members and partners from all over the world. These include both governments and non-governmental entities. The annual meeting has proved a useful format for bridging cyber capacity gaps by exchanging ideas and updates on cyber diplomacy, building resilient cyber infrastructures, incident response, workforce development, public private partnerships and gender mainstreaming in cybersecurity, among other issues. As more stakeholders contribute to the cyber capacity building field, improving global coordination efforts to avoid fragmentation and duplication is also essential.
Cyber capacity building efforts have become more mainstream. This past May, the United Nations Open-Ended Working Group (OEWG) on Information and Communication Technologies saw the first UN event fully dedicated to the issue, with the goal of providing an action-oriented platform for states and non-governmental stakeholders to exchange ideas, share best practices, and build partnerships. Capacity building is a topic that cuts across all the pillars of the OEWG’s work and underpins efforts to address existing and emerging threats; implement and develop rules, norms, and principles of responsible state behavior; and pursue confidence-building measures.
The OEWG has agreed on a set of guiding principles for cyber capacity building: Capacity building should be demand driven and tailored to each country’s specific needs and priorities. Activities should be inclusive, multistakeholder, and sustainable. But continued efforts need to be made to mainstream these principles into capacity building programming. In its most recent progress report, the OEWG also underlined that capacity building is foundational to developing the resources, skills, policies, and institutions necessary to increase the resilience and cybersecurity of states and to accelerate the digital transformation and the implementation of the 2030 Agenda for Sustainable Development.
One key multistakeholder initiative worth highlighting is the Accra Call for Cyber Resilient Development. This framework emerged from the Global Conference on Cyber Capacity Building (GC3B) held in Accra, Ghana, in 2023. The Call aims to stimulate global action to elevate cyber resilience across international and national development agendas as well as promote cyber capacity building that supports broader development goals, effectively serving the needs and priorities of developing countries. The Accra Call articulates a set of non-binding, voluntary, direction-setting actions that stakeholders can take to build cyber resilience: (i) strengthen the role of cyber resilience as an enabler for sustainable development, (ii) advance demand-driven, effective, and sustainable cyber capacity building, (iii) foster stronger partnerships and better coordination and (iv) unlock financial resources and implementation modalities. The Call is currently supported by over 65 stakeholders worldwide and the next iteration of the Global Conference on Cyber Capacity Building will take place in Geneva in 2025.
Dialogue among experts and practitioners remains the foundation for generating consensus, strengthening norms implementation, and facilitating information sharing and capacity building. Taken together, the work of the OEWG and numerous multistakeholder initiatives such as the GFCE and its Accra Call can advance the cyber capacity building agenda at the global level and establish it as a cross-cutting issue that is of vital importance to development and security efforts.
Anneleen Roggeman is Senior Program Manager for the Cyberspace Cooperation Initiative at ORF America.